Security researchers are warning of a new WhatsApp hack method that can hijack any WhatsApp account while the user is asleep. This exploit can be abused by cybercriminals to take over people's accounts to send scams and send spam messages to unsuspecting contacts of the victims involved.
According to Twitter user @ihackbanme, the hacker doesn't need to get access to your smartphone to enable the hack to work.
"You're sleeping. A 'hacker' tries to login to your account via WhatsApp. You get a text message with a pincode that says 'do not share this'. You don't share it, yet you still get hacked," the security researcher said.
He went on to explain that the attacker can click on an option via the login page which claims that the verification text didn't arrive. WhatsApp will then proceed to call the phone number but since the victim is already asleep (and must have probably turned off all notifications), the call will be left unanswered and then a voicemail will be left with the WhatsApp code.
The hacker will then proceed to get the code by simply using a default pin code from the victim's mobile network. With that default pin code, the hacker will then be able to listen to the verification code and then use it to log into the WhatsApp account.
Also Read:
- Woman Gets Killed For Posting Wedding Photos On Her WhatsApp Status And Facebook
- You Could Be Prosecuted For Sharing Your Netflix Password
After that, the hacker will then create their own two-factor authentication on the victim's WhatsApp account and then lock the real owner out while they scam and perform some other malicious activity on the account.
But then, the researcher also noted that this hack can be prevented from even happening in the first place. To do this, WhatsApp users are advised to change their voicemail pin code from the default pin code and to also set up two-factor authentication on their WhatsApp.
Yea
ReplyDelete