From The Inquirer:
The end result was the researchers had effectively found ways to hack and exploit WhatsApp.
“By decrypting the WhatsApp communication, we were able to see all the parameters that are actually sent between the mobile version of WhatsApp and the Web version. This allowed us to then be able to manipulate them and start looking for security issues,” the researchers explained.
As such, Check Point was able to then carry out three attacks against WhatsApp users, including changing the identity of a sender in a group chat even if they aren’t a member of said chat, changing a correspondent’s reply to effectively fake their response, and sending private messages to a person in a chat group but ensuring that when they respond the whole group sees the reply.
Basically, the attacks could enable malicious actors to sneak into group chats and manipulate conversations and cause communications havoc, and spread misinformation.
Hmmm… They had to do any awful lot of tedious stuff before they were able to pull off those tricks. On the other hand, this is what GCHQ and NSA do all the time, I guess.