Home » Misc » How to hack a phone through whatsapp

How to hack a phone through whatsapp


9 Ways Your WhatsApp Messages Can Be Hacked

WhatsApp is a popular and easy to use messaging app. It has some security features, like the use of end-to-end encryption, which tries to keep your messages private. However, as good as these security measures are, WhatsApp still isn't immune to hacks, which can end up compromising the privacy of your messages and contacts.

Don't take our word for it: just go and see how many "How to hack WhatsApp" guides you'll find on the internet if you're persistent enough.

As knowing is half the battle, if we are simply aware of vulnerabilities, we can then take concrete steps to avoid comprising ourselves. To that end, here are a few ways that WhatsApp can be hacked.

1. Remote Code Execution via GIF

In October 2019, security researcher Awakened revealed a vulnerability in WhatsApp that let hackers take control of the app using a GIF image. The hack works by taking advantage of the way WhatsApp processes images when the user opens the Gallery view to send a media file.

When this happens, the app parses the GIF to show a preview of the file. GIF files are special because they have multiple encoded frames. This means that code can be hidden within the image.

If a hacker were to send a malicious GIF to a user, they could compromise the user's entire chat history. The hackers would be able to see who the user had been messaging and what they had been saying. They could also see users' files, photos, and videos sent through WhatsApp.

The vulnerability affected versions of WhatsApp up to 2.19.230 on Android 8.1 and 9. Fortunately, Awakened disclosed the vulnerability responsibly and Facebook, which owns WhatsApp, patched the issue. To keep yourself safe from this problem and similar, you should always keep WhatsApp updated.

2. The Pegasus Voice Call Attack

Another WhatsApp vulnerability discovered in early 2019 was the Pegasus voice call hack.

This scary attack allowed hackers to access a device simply by placing a WhatsApp voice call to their target. Even if the target didn't answer the call, the attack could still be effective. And the target may not even be aware that malware has been installed on their device.

This worked through a method known as buffer overflow. This is where an attack deliberately puts in so much code into a small buffer that it "overflows" and writes code into a location it shouldn't be able to access. When the hacker can run code in a location that should be secure, they can take malicious steps.

This attack installed an older and well-known piece of spyware called Pegasus. This allowed hackers to collect data on phone calls, messages, photos, and video. It even let them activate devices' cameras and microphones to take recordings.

This vulnerability is applicable on Android, iOS, Windows 10 Mobile, and Tizen devices. It was used by the Israeli firm, NSO Group, for example, which has been accused of spying on Amnesty International staff and other human rights activists. After news of the hack broke, WhatsApp was updated to protect it from this attack.

If you are running WhatsApp version 2.19.134 or earlier on Android or version 2.19.51 or earlier on iOS, then you need to update your app immediately.

Another way you're vulnerable to getting your WhatsApp hacked is through socially engineered attacks, which exploit human psychology to steal information or spread misinformation.

Security firm, Check Point Research, revealed one example of this attack, which they named FakesApp. This allowed people to misuse the quote feature in group chat and to alter the text of another person's reply. Essentially, hackers could plant fake statements that appear to be from other legitimate users.

The researchers could do this by decrypting WhatsApp communications. This allowed them to see data sent between the mobile and the web versions of WhatsApp.

And from here, they could change values in group chats. Then they could impersonate other people, sending messages which appeared to be from them. They could also change the text of replies.

This could be used in worrying ways to spread scams or fake news. Even though the vulnerability was disclosed in 2018, it had still not been patched by the time the researchers spoke at the Black Hat conference in Las Vegas in 2019, according to ZNet. It therefore becomes critical that you learn how to recognize WhatsApp scams and keep reminding yourself of these red flags periodically.

4. Media File Jacking

Media File Jacking affects both WhatsApp and Telegram. This attack takes advantage of the way apps receive media files like photos or videos and write those files to a device's external storage.

The attack starts by installing malware hidden inside an apparently harmless app. This can then monitor incoming files for Telegram or WhatsApp. When a new file comes in, the malware may swap out the real file for a fake one.

Symantec, the company that discovered the issue, suggested it could be used to scam people or to spread fake news.

There is a quick fix for this issue, though. Using WhatsApp, you should look in Settings and go to Chat Settings. Then find the Save to Gallery option and make sure it is set to Off. This will protect you from this vulnerability. However, a true fix for the issue will require app developers to entirely change the way that apps handle media files in the future.

5. Facebook Could Spy on WhatsApp Chats

In an official blog post, WhatsApp asserted that due to its end-to-end encryption, it is impossible for Facebook to read WhatsApp content:

"When you and the people you message are using the latest version of WhatsApp, your messages are encrypted by default, which means you're the only people who can read them. Even as we coordinate more with Facebook in the months ahead, your encrypted messages stay private and no one else can read them. Not WhatsApp, not Facebook, nor anyone else."

However, according to developer Gregorio Zanon, this is not strictly true. The fact that WhatsApp uses end-to-end encryption does not mean all messages are private. On an operating system like iOS 8 and above, apps can access files in a "shared container."

Both the Facebook and WhatsApp apps use the same shared container on devices. And while chats are encrypted when they are sent, they are not necessarily encrypted on the originating device. This means the Facebook app could potentially copy information from WhatsApp.

There is no evidence that Facebook has used shared containers to view private WhatsApp messages. But the potential is there. Even with end-to-end encryption, your messages may not be private from the all-capturing net of Facebook.

6. Paid Third-Party Apps

You'd be surprised how many paid legal apps have sprung up in the market, which solely exist for hacking into secure systems. It's super easy to carry out covert WhatsApp hacks through this method.

In fact, it isn't unheard of for big corporations to work hand-in-hand with oppressive regimes to target activists and journalists; or by cybercriminals, intent on getting your personal information.

Apps like Spyzie and mSPY can easily hack into your WhatsApp account for stealing your private data. All you need to do is purchase the app, install it, and activate it on the target phone. You can then simply sit back and connect to your app dashboard from the web browser, and snoop in on private WhatsApp data like messages, contacts, status, etc. But obviously, we advise against anyone actually doing this!

7. Fake WhatsApp Clones

Using fake website clones to install malware is an old hacking strategy still implemented by cyber criminals all over the world. These clone sites are known as malicious websites.

The hacking tactic has now also been adopted for breaking into Android systems. To carry out a WhatsApp hack on your account, an attacker will first try to install a clone of WhatsApp, which might look strikingly similar to the original app.

Take the case of the WhatsApp Pink scam, for instance. A clone of the original WhatsApp, it claims to change the standard green WhatsApp background to pink.

Here's how it works: an unsuspecting user receives a link to download the WhatsApp Pink app for changing the background color of their app. And even though it really does change the background color of your app to pink, as soon as you install the app, it will start collecting data not just from your WhatsApp but also from everything else stored on your phone.

8. WhatsApp Web

WhatsApp Web is a neat tool for someone who spends most of their day on a PC. It provides the ease of accessibility to WhatsApp users, so they won't have to pick up their phone again and again for messaging. The big screen and keyboard provides an overall better user experience too.

Here's the caveat though. As handy as the web version is, it can be easily used to hack into your WhatsApp chats. This danger arises when you're using the WhatsApp Web on someone else's computer.

So if the owner of the computer has selected the "keep me signed in" box during login, then your WhatsApp account will stay signed-in even after you've closed the browser.

The computer owner can then access your information without much difficulty.

You can avoid this by making sure that you log out from WhatsApp Web before you leave.

But as they say, prevention is better than cure. The best approach is to avoid using anything other than your personal computer for the web version of WhatsApp altogether.

9. Exporting Your Chats

This isn't the traditional method you'd find on the "how to hack someone's WhatsApp" guides. While some of the other methods are really elaborate, and some just capitalize on blank spots in the human psyche, this one simply requires physical access to your smartphone.

And no, the hacker doesn't need a lot of time with your phone, either; just a few seconds is enough. This gives them enough time to export your messages to a location they can later access. It could be anything: an email account, cloud storage, or even a messaging app.

Once a hacker has access to your phone, all they have to do is move to a specific chat, click on the Export chat option and select the location they'd like to move your message history to.

The solution? The ironclad way to protect yourself is to keep your phone away from unfamiliar hands at all times. Furthermore, you have the option to enable fingerprint lock for your WhatsApp. Here's how:

  1. Head to Accounts > Privacy > Fingerprint lock.
  2. Toggle the Unlock with fingerprint option on, and set the lock activation to Immediately.

Now, every time your WhatsApp is picked up after inactivity, your fingerprints will be required to launch the app.

Stay Aware of Security Issues in WhatsApp

These are just a few examples of how your WhatsApp can be hacked. While WhatsApp has patched some of these issues since their disclosure, some weak spots persist, so it's important to stay vigilant. To learn more about whether WhatsApp is safe, you need to brush up your knowledge of WhatsApp security threats. Always keep yourself updated!

Update Your App to Stay Safe

Messaging service WhatsApp recently confirmed that a major vulnerability allowed hackers to install remote surveillance software on phones and other devices. The hackers used the vulnerability to target several users and was almost certainly the work of "an advanced cyber-actor."

WhatsApp carries a strong reputation as a secure messaging app. But now the Facebook-owned messenger is under scrutiny. How did the hackers breach WhatsApp? And is WhatsApp still safe to use?

WhatsApp Security Breach Allows Malware Installation

The vulnerability exploits WhatsApp's voice calling to ring the target's device. Once the call starts, an advanced surveillance tool installs. The victim doesn't need to answer the call; the malware still installs. After the incoming call finishes, the surveillance tool wipes any notifications and call logs relating to the malware.

The spyware itself is capable of trawling through and collecting phone call data, messages, photos, and videos, as well as activating and recording the microphone and camera. It is an advanced, dangerous piece of malware that could cause significant damage. However, while the malware itself and the exploitation of WhatsApp is advanced, the attack leveraged a pretty old method of attack.

WhatsApp owner Facebook published a security advisory describing the hack as "A buffer overflow vulnerability in WhatsApp VOIP [voice over internet protocol] stack allowed remote code execution via specially crafted series of SRTCP [secure real-time transport protocol] packets sent to a target phone number."

A buffer overflow is where a program, or in this case, app, accesses system memory it should not have access too. If an attacker can figure out how to run code in the unauthorized memory area, they can execute something malicious, which is what has happened here.

Which Devices Does the WhatsApp Hack Affect?

All of them, simply put.

If your phone has WhatsApp or WhatsApp Business installed, the vulnerability could affect your device. That means Android, iOS, Windows 10 Mobile phones, and Tizen devices.

Who Is Behind the WhatsApp Hack?

There are strong suspicions that the Israeli cybersecurity company, NSO Group, is behind the hack. The NSO Group has a strong history of producing such advanced malware, as well as having the expertise to execute something of this nature.

Facebook told the Financial Times that the "attack has all the hallmarks of a company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems."

The statement is referencing the Pegasus spyware the University of Toronto's Citizen Lab discovered in 2016. Citizen Lab uncovered Pegasus after the highly advanced malware was used to target prominent human rights activist, Ahmed Mansoor. Pegasus used three individual zero-day exploits to conduct a remote iPhone jailbreak. It forced Apple to release an unexpected iOS update to patch the vulnerabilities.

Aside from the alternative method of attack, the WhatsApp hack demonstrates another worrying development. The malware delivered by the WhatsApp exploit didn't require a click or tap to install. The malware is silent, installs itself, and then deletes the evidence.

The NSO Group released a statement attempting to distance themselves from the WhatsApp hack.

"NSO's technology is licensed to authorized government agencies for the sole purpose of fighting crime and terror. The company does not operate the system, and after a rigorous licensing and vetting process, intelligence and law enforcement determine how to use the technology to support their public safety missions.

"We investigate any credible allegations of misuse, and if necessary, we take action, including shutting down the system. Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies.

"NSO would not or could not use its technology in its own right to target any person or organization, including this individual."

Am I At Risk of the WhatsApp Hack?

Honestly, it is highly unlikely that you will become a direct victim of the WhatsApp hack.

Attacks of this nature are rare, usually the work of a state-backed threat actor. (What is a nation-state threat actor, anyway?) The orchestrators only use such an attack to target specific individuals or organizations. Once security researchers discover and analyze the attack, it is usually as good as done. The vulnerable or exploited service, app, program, or otherwise will take action and patch the issue, ensuring no one can use it.

Therefore, you can safely assume that you are not a target.

The few targets identified confirm this theory: an Amnesty International researcher, a UK-based human rights lawyer, and others.

It's Time to Update WhatsApp

That said, it is time to update WhatsApp on your devices. WhatsApp rolled out an urgent update in the days immediately following the hack. The update patches the vulnerability.

How to Update WhatsApp on Android

  1. On your device, open the Google Play Store
  2. Tap the menu icon in the top-left corner
  3. Open My Apps & Games
  4. Check to see if WhatsApp has already updated; it will appear near the top of your apps list if so
  5. Otherwise, find WhatsApp on the list and select Update

How to Update WhatsApp on iOS

  1. On your device, open the App Store
  2. Tap Updates
  3. Check to see if WhatsApp has already updated; it will appear in the list of apps with an Open button
  4. If not, the button will say Update; tap the button to install the WhatsApp update

Is WhatsApp Still Safe to Use?

The big question. Can you still use WhatsApp safely?

Yes.

Despite how certain publications attempt to frame the WhatsApp hack, the app is still safe to use (after you update!). As you see from the identified targets, unless you fit that bracket, you are not going to encounter an attack of this type.

The post-WhatsApp hack issue lies with poor reporting. WhatsApp carries a reputation for protecting privacy because it uses end-to-end encryption to secure your communication. The fact of the matter is that this attack didn't breach the encryption.

Publications that frame the attack in this manner only seek to capitalize on the misunderstandings and murkiness already present in a situation with such high-level threat actors.

The WhatsApp hack was a highly specialized and almost invisible attack that WhatsApp and Facebook did well to spot before more targets were compromised. Presenting it in any other manner, as if it is like a regular WhatsApp phishing attempt or a drive-by malware download, is irresponsible.

Thinking about leaving WhatsApp? Try these WhatsApp alternatives that guard your privacy.

Any WhatsApp user can have their account taken away. You don't need to be a hacker to do this

software Soft Security User Internet Internet software Technology

|

Share

    nine0015

    There is a flaw in WhatsApp that allows attackers with zero hacking and programming skills to permanently block any user's account. They only need to know their phone number and nothing else, and there is no way to protect themselves from potential blocking. WhatsApp developers are in no hurry to fix the problem.

    New bug in WhatsApp

    Each WhatsApp user can lose their profile at any second with a minimal chance of recovery. According to Forbes, it is simply impossible to protect against this, and the attacker will not even need to hack the gadget - he just needs to know the user's phone number, after which he can initiate the procedure for blocking him without the possibility of re-authorization in the system. nine0005

    The ability to deprive anyone of using WhatsApp is a consequence of a giant vulnerability discovered in the messenger by information security specialists Luis Carpintero and Ernesto Pereña (Ernesto Canales Pereña). They notified the developers of WhatsApp about their discovery, but they have not yet released a patch that fixes the breach, thereby leaving 2 billion users at risk of losing their account.

    WhatsApp does nothing to protect users from blocking their profile

    WhatsApp is the most popular instant messenger in the world. According to Statista.com, in terms of the number of monthly active users as of January 2021, with its more than 2 billion, it was ahead of Facebook Messenger (1. 3 billion) and Chinese WeChat (1.21 billion), along with QQ (617 million). WhatsApp has been owned by Facebook since February 2014.

    How vulnerability works

    Vulnerability in WhatsApp makes it possible to completely block the victim's account and is carried out in two very simple steps, in each of which the perpetrator does not even need hacking or social engineering skills - he will not contact the profile owner at all. nine0005

    WhatsApp standard authorization window

    At the first stage, an attacker simply needs to install WhatsApp on a smartphone and try to log in using the desired phone number. The messenger will send him an SMS with a confirmation code, and here there is a calculation that the owner of the number will ignore them. After several such attempts, the application on the attacker's device will report too frequent authorization attempts and allow the next one only after 12 hours. At the same time, WhatsApp on the victim’s device will continue to work as before. nine0005

    Notification that authorization was not possible due to an excessive number of attempts

    In the second step, the attacker registers a new email address and writes a letter to WhatsApp technical support saying that his account was lost or stolen. He asks to turn it off and indicates the number of the victim. WhatsApp can send an automatic email asking you to write the number again, and the attacker will do it.

    Letter to WhatsApp technical support requesting blocking

    Next, WhatsApp, without making sure that the real owner of the account wrote to technical support, initiates the blocking procedure. After about an hour, the messenger will suddenly stop working on the victim's device - she will see a message that her number is no longer registered in the system. “It could be because you registered it on another phone. If you haven't done so, verify your phone number to log into your account again," the notification will say. nine0005

    WhatsApp response with confirmation of the request

    All of this will work even if the user has enabled two-factor authentication. An attempt to request a new code will fail - WhatsApp will allow you to do this only after 12 hours.

    Bonus stage and full blocking

    If the attacker decides to stop at the second stage, then everything will end up with just the inability of the user to connect to WhatsApp with his number for several hours. After a maximum of 12 hours, the user will be able to regain control over his account and continue working in the messenger exactly until someone wants to repeat the "trick" with the blocking. nine0005

    But in fact there is an additional, third stage, leading to a complete blocking of the account.

    This stage can actually become the second - the attacker does not have to send a letter to WhatsApp support, he can just wait 12 hours, and then again make several attempts to register someone else's number on his phone. After the third 12-hour blocking, WhatsApp will break, and instead of a timer counting down the time until the next authorization attempt, it will show “-1 second”, moreover, constantly. This is a malfunction in the messenger, which cannot be bypassed. nine0005

    A stuck timer on the phones of the victim (left) and the attacker

    This picture will be observed both on the hacker's device and on the victim's smartphone, and as a result, no one else will be able to log in to the messenger using this phone number. The only thing left is to try to contact WhatsApp technical support and look for ways to solve the problem.

    WhatsApp does not solve the problem

    A Forbes article shedding light on a new WhatsApp issue was published on April 10, 2021. By April 13, 2021, the developers have not released an update to fix it and have not set a release date for it. nine0005

    Keys to security: What is important to consider when publishing software source code in the national open source repository

    Security

    Instead, they are preparing to implement a new privacy policy, according to which the messenger will automatically transfer huge amounts of personal data of users to Facebook for better ad targeting.

    This policy was intended to be implemented by WhatsApp on February 8, 2021, but was forced to temporarily abandon this idea due to a flurry of criticism. The new date for its entry into force is May 15, 2021, and all those who are not going to agree with it are in for a very serious punishment. nine0005

    In February 2021, CNews wrote that those who disagree with the new WhatsApp privacy policy will no longer be able to send and receive text messages. Developers will leave them only voice calls. Moreover, the profiles of those users who stop using WhatsApp and switch to other messengers are guaranteed to be completely deleted.

    WhatsApp other issues

    WhatsApp is known not only for the fact that it is used by billions of people, but also for the fact that if it appreciates its users, it is far from always. So, for example, in June 2020, it became known that some phone numbers linked to user profiles in WhatsApp had been in the public domain for a long time and even got into Google search results. In total, with the help of Google, it was possible to find up to the number of about 300 thousand users of the messenger, and this problem was of a global nature. nine0005

    WhatsApp is still in first place in terms of the number of users

    In November 2019, CNews reported that WhatsApp users were automatically permanently banned for participating in harmless group chats. It turned out to be possible to fall under sanctions for changing the name of the chat to something that would seem to the moderators of the service as something sinister, illegal or malicious.

    Results of the year: PIX Robotics completes Europe's largest RPA migration project

    Market nine0005

    At the same time, WhatsApp was in no hurry to fix this failure. The employees of the messenger responded to all requests from the victims about the reasons for blocking that the users themselves violated the rules of the service, and the fault in blocking lies solely with them. As a result, people had to either change their phone number to register a new profile, or go to other services - Telegram, Viber, Signal and others.

    • Applications for spying on someone else's smartphone, for which you will get nothing

    Elyas Kasmi


    WhatsApp vulnerabilities and how to protect yourself from being hacked

    Hello.

    Pavel Durov needs to be thanked for this topic, as he uses every chance to kick his direct competitor in the face of WhatsApp. This time, Pavel burst out with a lengthy message that WhatsApp is insecure (once again) and can be broken.

    Let's give a translation of what Durov said:

    Hackers could have full access (!) To everything on the phones of WhatsApp users. nine0005

    This is made possible by a security issue that WhatsApp itself reported last week. All the hacker had to do to gain access to your phone was send you a malicious video or start a WhatsApp video call with you.

    You're probably thinking, "Yeah, but if I update WhatsApp to the latest version, I'll be safe, right"?

    Not really.

    The exact same WhatsApp security issue was discovered in 2018, then another in 2019year and another one in 2020 (click on each year's link to see the corresponding vulnerability). And yes, in 2017 before that. Until 2016, WhatsApp had no encryption at all.

    Every year we hear about a problem in WhatsApp that puts all users' devices at risk. This means that there is almost certainly a new security breach already in place. Such problems are hardly accidental - they are laid down by backdoors. If one backdoor is found and needs to be removed, another is added (read Why WhatsApp will never be secure to see why). nine0005

    It doesn't matter if you're the richest person on earth - if you have WhatsApp installed on your phone, all your data from every app on your device is available, as Jeff Bezos found out in 2020. That's why I deleted whatsapp from my years old device. Installing it creates a door to enter your phone.

    I don't push people to switch to Telegram. With 700+ million active users and 2 million daily registrations, Telegram does not need any additional promotion. You can use any messaging app you like, but stay away from WhatsApp - it's been a snooping tool for 13 years. nine0005

    Durov has been creating the image of a fighter for privacy for many years, which sometimes looks funny. But the claims against WhatsApp are quite justified, since the company is really trying to collect as much data about you and your actions, in addition to this, “accidentally” there are security holes that allow you to steal user data. And here it doesn’t matter if it was done on purpose or by accident, the fact is that you can be hacked.

    As in any horror story, there is a certain distortion in Durov's words, you cannot get full access to all your data via WhatsApp. Go to app permissions and see exactly what WhatsApp can do. nine0005

    By and large, it can steal your contacts, as well as photos and videos, plus all the documents that you store on your device. On iOS, the situation is about the same, there are no differences. For example, installing unknown applications from this application is prohibited by default for everyone (on iOS there is no such option at all). So you can feel relatively safe, not to worry that applications unknown to you will appear.

    But downplaying the problem and dismissing it is also not worth it, access to your data is an unpleasant moment. And here the question arises, how much do you need WhatsApp and how to put up with the fact that it is full of holes. The same Telegram was not caught on vulnerabilities, a couple of times competitors made formidable accusations, but they could not back them up with something significant. Like, they just know that they are there too. In theory, of course, there are, in practice we do not know about them. nine0005

    The easiest way is to limit the permissions of WhatsApp, but then the application will be inapplicable in practice, this way looks like pure masochism, then it’s easier to refuse it altogether. By the way, in Russia, the popularity of WhatsApp has long declined, it is used out of habit by a fairly small group of people, Old Believers, who are not inclined to exchange for something new. If you look at the application traffic, it will become clear that WhatsApp is kept for show, since the cat cried traffic, the main communication goes to Telegram. nine0005

    We conducted a survey in our Telegram channel about what messengers you use (yes, it's funny - to ask in Telegram what messenger you have), but many people have a bunch of Telegram and WhatsApp.

    Poll can be found here

    I have exactly the same bunch, only WhatsApp is on the second device, where there is absolutely nothing, and at the same time it is transferred to the protected KNOX folder. In Samsung, this is a phone within a phone, where the permissions for applications are exactly the same, but they do not have access to the main memory. That is, in fact, this is not just my second phone, but also another protected zone inside it, from which WhatsApp cannot escape, and at the same time access my files. At the same time, I see notifications as usual, I do not miss messages. nine0005

    Perhaps you don’t have a Samsung smartphone, then you will have to get out of the situation somehow differently, for example, start the same WhatsApp on the second phone (if you have something to hide, then most likely there will be money for a second phone) .

    Most people habitually shrug off security and are ready to share their photos with those who wish, and so, they say, there is nothing like that. In principle, the way it is, we do not hide any secrets in photos and videos, but the very idea that someone can delve into my memories or work files is unpleasant to me. nine0005

    The biggest annoyance is not remote hacking of your WhatsApp, the probability of this event is minimal. Usually, data is leaked from your phone when someone gains access to it. Turn on the app lock with your fingerprint, it will help you avoid the curiosity of strangers who somehow managed to take your phone without your knowledge.

    Learn more