Posted on March 29, 2020 at 11:39 AM
According to recent reports, WhatsApp users are being targeted by cybercriminals as they lock them out of their accounts and send dangerous messages to their friends and families.
Security researchers explained that hackers can deceive their victims to share their account details using the panic surrounding the CODID-19 pandemic.
The hack is very simple to implement
One thing about this new hack is the fact that anyone can implement the hack as it’s very simple to execute. Preventing it is also very easy, as long as the WhatsApp user follows the basic security protocol. WhatsApp provides a basic security protocol users can set to keep their WhatsApp secured from this type of attack.
Different groups have attacked WhatsApp in the past
There have been different hacking groups that have attacked WhatsApp and other messaging apps in the past. Last year, the users of the messaging App were targeted with spyware by nation-state attackers. Also, some attackers installed a backdoor to lock victims out of their App. But this present attack is even simpler to accomplish.
How the attack is carried out
Although security researchers have discovered this particular cyberattack that targets WhatsApp users, it recently resurfaced as the attackers send 6-digit codes to the victim’s WhatsApp through text message.
After the code is sent, the close friend or family member, whose account has been infiltrated, will be asked to share the code through WhatsApp. When the code is shared, the targeted victim will be completely locked out of their WhatsApp account for 12 hours.
During this time, the attackers use the victim’s details to send a message to the victim’s contacts, as those contacts would believe the message is coming from someone they know.
The current attack does not have anything to do with WhatsApp integrity or nation-state cyberattacks. The attackers take advantage of the complacency of some users and social engineering.
Issues fixed, but users need to take action
The recent WhatsApp attack is not because of the vulnerability of any WhatsApp plugin. Rather, the attackers are only succeeding where the user did not take the necessary action to update their messenger.
The attackers who have hacked the WhatsApp account send messages to some contacts on the compromised WhatsApp, asking them to send a 6-digit code. But in essence, the contacts will be sending the WhatsApp verification code to the cybercriminals and not to their friend or relative who owns the WhatsApp account.
Once the attackers receive the code, they can install the WhatsApp afresh and take hold of the user’s account completely. This type of scam is easier than porting SIM to a new device, although the effect is still the same.
Here, the hackers did not compromise any legacy data. Rather, the WhatsApp account has been transferred completely into another device.
Preventing the attack
Security researchers said users can prevent the hack easily if the user selects their PIN and email address to reset their account in case they forget the PIN. This is quite different from the 6-digit verification code the messaging app usually sends when verifying a new installation.
It will form as two-factor authentication, as an extra layer of security is usually more difficult to bypass. That means that even when the user sends the 6-digit code to the hackers, they would still not be able to have the user’s PIN.
Users need to take precautions and avoid sending the code to their supposed friend. However, even when they were deceived into sending the code, it makes more sense to have a second authentication method that will prevent the hacker from gaining access.
So many people have not enabled PIN in their WhatsApp account, which is where the hackers capitalizing to launch their attack. The main victims of this type of attack are usually not the hacked WhatsApp account but those contacts the hackers would likely send messages.