Friday, 10 August 2018

WhatsApp security snafu allows sneaky 'message manipulation'

Researchers claim to have uncovered weaknesses in WhatsApp that can be exploited to manipulate messages in private and group conversations.
Eggheads at Israeli security firm Check Point this week described how, with some social engineering trickery and custom extensions for popular network-packet-twiddling toolkit Burp Suite, they can:
  1. Alter the text of someone's reply on their phone, essentially putting words in the other person's mouth.
  2. Use the “quote” feature in a group conversation to change the identity of the sender, even if that person is not a member of the group.
  3. Send a private message to another group participant that is disguised as a public message for all, so when the targeted individual responds, it’s visible to everyone in the conversation.
Basically, you can tamper with messages received and stored on your device, quote them back to your mark, and sow the seeds of all sorts of confusion. All the techniques involve social engineering tactics to hoodwink marks, as well as obtaining your public-private key pair from WhatsApp, as explained at some length in a blog post by Check Point's Dikla Barda, Roman Zaikin, and Oded Vanunu.
There's also a video illustrating the approach.
