On 7 April, I reported what appeared to be a successful man-in-the-middle attack on a conversation I was having on the messaging app Viber. A Telecom wifi hotspot removed the image I was attempting to send to a friend, and replaced it with a protection message – all without Viber detecting this had happened.
Following this, I investigated with Viber and found that images and calls are not encrypted end-to-end, allowing eavesdropping and this successful attack. The attack, and resulting fixes from Viber are detailed in full at: http://www.cnet.com/au/news/viber-begins-fixing-image-encryption-vulnerability/
Below: Compare the