Blog

Hackers Are Using Personal Messages On WhatsApp To Attack

Jun 27, 2022 | Blog

Are you a WhatsApp user?  If so, be aware that hackers have worked out a means of hijacking a user’s WhatsApp account and gaining access to a user’s contact list and personal messages.

The attack relies on mobile carriers’ automated service to forward calls to different phone numbers, which is a service every major mobile carrier offers.

Unfortunately, it can be exploited by hackers by tricking users into forwarding their calls to a number that the hackers control. So when WhatsApp sends a one-time password (OTP) verification via voice call, the hackers wind up with the code.

Rahul Sasi is the CEO and founder of CloudSEK which is a digital risk protection company.

Sasi had this to say about the attack:

“First, you receive a call from the attacker who will convince you to make a call to the following number **67* or *405*. Within a few minutes, your WhatsApp would be logged out, and the attackers would get complete control of your account.”

Once the hackers have tricked a user into forwarding their calls, they initiate the WhatsApp registration process on their device, naturally choosing the option to receive the OTP via voice call.

There are a few caveats here, and this methodology is by no means fool proof.  For example, the victim does get a text message stating that his/her WhatsApp account is being registered on another device.  When there’s a lot going on that’s easy to miss, but an observant user won’t.

Also, if call forwarding has already been activated on the victim’s device, then the attacker must use a different phone number than the one used for the redirection.  This usually won’t stop a determined attacker, but it will take a bit more social engineering and moxie to pull off.

The bottom line is, if you’re a WhatsApp user, someone may try this on you. So be on the alert for it.

FBI Program Tasked with Infrastructure Security Compromised

FBI Program Tasked with Infrastructure Security Compromised

The FBI program tasked with ensuring critical infrastructure security has been compromised by hackers, who now offer access to the program's data on the dark web. The breach was initially disclosed by Brian Krebs of Krebs on Security, who claims that the data was for...

Streamline Your Business with the Latest Smart Home Technology

Streamline Your Business with the Latest Smart Home Technology

Are you a business owner looking to get the most out of your Google smart home devices? If so, you're in luck! Google has enabled its Nest products and Android OS with the initial rollout of the Matter smart home standard. This means that businesses now have the...

Data Breach at Sequoia One Exposes Sensitive Customer Information

Data Breach at Sequoia One Exposes Sensitive Customer Information

What do you do when your most personal information has been compromised? This is likely the question that customers of Sequoia One asked themselves earlier this month as they were informed that the company had been hacked. Sequoia One specializes in the management of...

Cisco Reports Critical IP Phone Vulnerability

Cisco Reports Critical IP Phone Vulnerability

As a business owner, it's important to stay informed about potential vulnerabilities that could impact your organization. Recently, Cisco reported a critical vulnerability, tracked as CVE-2022-20968, affecting its IP Phone 7800 and 8800 Series. This new vulnerability...

Google Chrome Releases Two New Features

Google Chrome Releases Two New Features

Google Chrome is one of the more commonly used web browsers. Over the years, though, Chrome has gained a reputation for utilizing a large portion of a computer's memory. This can be a problem if you're running other resource-intensive tasks and don't want to slow...

Get a Free Consultation

 

Fill out the form below to receive a free consultation and learn how we can make your technology worry-free!

 

Contact Information

  • 39301 Badger Street, Suite 500
    Palm Desert, CA 9221
  • (760) 333-8523
  • info@icn.tech