Popular messaging platform WhatsApp has become a talking point for quite some time now. It comes with several security features, like the use of end-to-end encryption to keep messages private. Despite having such features, hackers try various ways and means to compromise the privacy of your messages and contacts.
Check out the eight ways that WhatsApp can be hacked:
1. Remote Code Execution via GIF
Security researcher Awakened had earlier revealed a vulnerability in WhatsApp that basically allows hackers to take control of the app with the help of a GIF image. It functions in a way that the hackers take advantage of the way WhatsApp processes images when the user opens the Gallery view to send a media file.
After that, the app parses the GIF to show a preview of the file. GIF files have multiple encoded frames which means that there are several codes that are hidden within the image.
If a hacker plans to send a malicious GIF to a user, they could hack the entire chat history of the user and they can also get to know who all are sending messages to the user along with the files, photos, and videos sent through WhatsApp.The vulnerability affected versions of WhatsApp up to 2.19.230 on Android 8.1 and 9.
2. The Pegasus Voice Call Attack
The Pegasus Voice Call attack was discovered in early 2019. By this attack, hackers used to get access to a device by simply doing a WhatsApp voice call and even if the user doesn’t pick up the call, the attack would be successful. The user is also unaware of the fact that the malware has been installed on their device.
This attack installed an older and well-known piece of spyware called Pegasus which basically allows hackers to collect data on phone calls, messages, photos, and video. It even lets them activate devices' cameras and microphones to take recordings.
This kind of attack was used by the Israeli firm NSO Group which has been accused of spying on Amnesty International staff and other human rights activists. After news of the hack broke, WhatsApp was updated to protect it from this attack.
3. Socially Engineered Attacks
WhatsApp is vulnerable through socially engineered attacks as it exploits human psychology to steal information or spread misinformation.
Security firm CheckPoint Research revealed one such attack called FakesApp which allowed people to misuse the quote feature in the group chat and to alter the text of another person's reply. Taking advantage of that, hackers could plant fake statements that appear to be from other legitimate users.
This was possible by decrypting WhatsApp communications and it allowed them to see data sent between the mobile version and the web version of WhatsApp.
After that they could change values in group chats and further impersonate other people, sending messages which appeared to be from them.
The text replies also could be changed.
4. Media File Jacking
Media File Jacking harshly affects both WhatsApp and Telegram. This attack takes advantage of the way that apps receive media files like photos or videos and write those files to a device's external storage.
The attack starts by installing malware hidden inside an app and then monitoring incoming files for Telegram or WhatsApp.
5. Facebook Could Spy on WhatsApp Chats
In a blog post, WhatsApp implied that because it uses end-to-end encryption, it is impossible for Facebook to read WhatsApp content:
"When you and the people you message are using the latest version of WhatsApp, your messages are encrypted by default, which means you're the only people who can read them. Even as we coordinate more with Facebook in the months ahead, your encrypted messages stay private and no one else can read them.
Not WhatsApp, not Facebook, nor anyone else."
However, a developer called Gregorio Zanon disagreed with WhatsApp and said that not every message is private and on an operating system like iOS 8 and above, apps can access files in a "shared container."
Both the Facebook and WhatsApp apps perform the same shared container on devices. While chats are encrypted when they are sent, they are not necessarily encrypted on the originating device. This means the Facebook app could potentially copy information from the WhatsApp app.
6. Paid Third-Party Apps
Third party legal apps have increased in the market and they are being used to hack the secure systems and it could be done by big companies to work hand-in-hand with oppressive regimes to target activists and journalists; or by cybercriminals intent on getting your personal information.
Apps like Spyzie and mSPY can easily hack into your WhatsApp account by stealing your private data.
A user needs to just purchase the app, install it, and activate it on the target phone.
7. Fake WhatsApp Clones
Fake websites clones can be used for installing malware and these clone sites are known as malicious websites.
This has also been adopted for breaking into Android systems. To hack into your WhatsApp account, an attacker will first try to install a clone of WhatsApp, which might look strikingly similar to the original app. The classic case is the WhatsApp Pink scam.
8. WhatsApp Web
WhatsApp Web can also be hampered by hacking into the computer that WhatsApp has been logged in.
Live TV
Home Tech News Beware! Your WhatsApp account can be hacked easily; here’s how this cybcercrime works
Beware! Hackers can hijack your WhatsApp account and get access to personal messages and contact list too. Hackers reportedly use mobile phone carriers' automated service to forward calls to a different phone number, and WhatsApp's option to send a one-time password (OTP) verification code via voice call to get access to your personal details. Security researchers at CloudSEk have detected a new scam that enables hackers to gain control of WhatsApp users' accounts via a simple phone call. Hackers call targets and ask them to call on numbers starting with '67' or ‘405'. Once the call is made, the users are logged out of their WhatsApp accounts as hackers gain complete control of their accounts within seconds.
As reported by CloudSEK, the hackers send a number that resembles service requests for various telecom operators for ‘call forwarding' when their number is busy or engaged. Once the call is sent, hackers forward victims' calls to their number.
In the mean time, the hackers start the WhatsApp registration process and choose “the option to send OTP via a phone call” and while the user is busy, the OTP is sent to the attacker's phone. Hackers convince users to make a call to the number **67*<10 digit number> or *405*<10 digit number>. Also Read: Delete these apps from your phone now! Google has banned them from Play Store over Joker threat
The security researcher further shared that this trick can also be used to hack anyone's WhatsApp account if a hacker has physical access to their phone and has permissions to make calls. “Every country and service provider has a similar service request number, so this trick works globally,” he added. Also Read: How to avoid ransomware attacks? Check out these easy tips that are tough to foil
The best and the easiest way to protect yourself from a WatsApp hacker is by not responding to calls from unknown numbers or making calls to unknown numbers.
Also ensure that the numbers are not spammed. And most of all, make sure you do not leave your phone lying around where others can pick up.
Follow HT Tech for the latest tech news and reviews , also keep up with us on Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.
First Published Date: 04 Jun, 10:00 IST
Tags: whatsapp
NEXT ARTICLE BEGINS
5 cool iPhone camera tricks to help you become a better photographer
Know how to take a screenshot on all Android smartphones
Suspicious of someone snooping through your iPhone? Just do this
People are just realising they can mark iPhone messages as unread on iOS 16
Hidden Calculator tricks every iPhone user needs to know
Oppo Reno8 T 5G review: Style tops everything here
This iPhone of a Tattoo artist to sell at the price of a Mercedes SUV!
iPhone 14 long term review: Stands tall and strong no matter what you throw at it
Got your first iPhone? These MUST-do things that you should follow immediately
iPhone 14 Quick review: Worth it? Camera, Crash Detection to Gaming- You BETCHA!
iPhone 14 Plus vs Samsung Galaxy S23 Plus: Plus sized luxuries! But which one is better?
Warning! Remove these 203 malicious apps from your phone now to stop attack; check list
Apple AirTag finds stolen Toyota Camry car within hours!
5 cool iPhone camera tricks to help you become a better photographer
Oppo Reno 8T 5G Quick Review
Call of Duty Mobile Season 2-Heavy Metal trailer is OUT! Check what’s new
Play 3 hours of God of War: Ragnarok for FREE! Special offer for PlayStation Plus Premium users
Minecraft Snapshot 23w07a is out; Cherry blossom biome added! Check how to download
Reviewers rave for 'Hogwarts Legacy' video game despite backlash
China approves 87 new video games including titles by Tencent and Alibaba
Do you really want to talk about it? It's not every day someone asks how to hack someone else's whatsapp.
This requires a very good reason and most likely some technical skills. We won’t talk about the reasons for a long time, because everyone has their own, and everyone thinks that he is undoubtedly right. In order to hack someone else's WhatsApp, there are many dubious services and programs. Why doubtful? Because trusted developers do not do such things - they are simply illegal. So when trying to hack someone else's whatsapp, you act at your own peril and risk. It is better to resolve all your disagreements in more legal ways.
All the information that will be presented below is for informational purposes only and does not encourage anyone to commit illegal and illegal actions. If so, don't say I didn't warn you. Now, perhaps, we can start.
The easiest way to hack whatsapp is not to hack it. No, we're not on pills here, it's true. All you need to do is access the victim's phone for just a few seconds. Naturally, you do not need to try to read other people's correspondence directly from there - most likely, a complete fiasco awaits you.
The phone is needed to get the activation code from there. You just go to WhatsApp from your smartphone, but enter the number of the one whose correspondence you are so eager to read. An SMS arrives on the victim's phone, you take a code from there, successfully deleting this dangerous message, and enter it on your own. When you activate the messenger on your device, turn on history synchronization, and you're done - all of its messages are now yours.
If you happen to have someone else's phone, you can do the same with WhatsApp Web:
Now you can access everything you need. But remember, you can be easily exposed, as the messenger on the main device will show that someone is using the same account from the web version.
From there, this session can be disabled.
How to hack WhatsApp without someone else's phone? It's also possible.
There are special spyware for hacking WhatsApp, the names of which I don’t even want to mention, since these are unofficial and even illegal applications that, instead of hacking someone else’s account, can easily hack yours. However, according to the creators of such "wonder programs", with their help you can:
Some of these applications even promise their users online tracking of a specific person via WhatsApp. How to do this in case of disabled GPS on the victim's phone is not clear.
In general, if you want to try spyware, remember that you are putting yourself at even greater risk than your victim. And again, it's illegal.
Surely many of you have seen similar advertising headlines on the Internet. Many online services promise to hack whatsapp online by phone number for free. You will be lured in by colorful articles with "smart" content and flashy headlines. You will be told that all this is completely legal, anonymous and safe, and most importantly absolutely free.
The use of such services is even more discouraged than spyware. All such sites are the fruit of the greed of cunning scammers.
If you know hackers… you get the idea. You can contact people directly who can really help with your delicate problem, but remember that the protection of the messenger is built quite strongly, and it is not so easy to hack WhatsApp. There is a good chance that you will pay the right person, but this will not bring any results.
software Soft Safety User Internet Internet software Technology
|
Share
WhatsApp hides a flaw that allows attackers with zero hacking and programming skills to permanently block any user's account. They only need to know their phone number and nothing else, and there is no way to protect themselves from potential blocking. WhatsApp developers are in no hurry to fix the problem.
Each WhatsApp user can lose their profile at any second with a minimal chance of recovery.
According to Forbes, it is simply impossible to protect against this, and the attacker will not even need to hack the gadget - he just needs to know the user's phone number, after which he can initiate the procedure for blocking him without the possibility of re-authorization in the system.
The ability to deprive anyone of using WhatsApp is a consequence of a giant vulnerability discovered in the messenger by information security specialists Luis Carpintero (Luis Carpintero) and Ernesto Pereña (Ernesto Canales Pereña). They notified the developers of WhatsApp about their discovery, but they have not yet released a patch that fixes the breach, thereby leaving 2 billion users at risk of losing their account.
WhatsApp does nothing to protect users from blocking their profile
WhatsApp is the most popular instant messenger in the world. According to Statista.com, in terms of the number of monthly active users as of January 2021, with its more than 2 billion, it was ahead of Facebook Messenger (1.
3 billion) and Chinese WeChat (1.21 billion), along with QQ (617 million). WhatsApp has been owned by Facebook since February 2014.
Vulnerability in WhatsApp makes it possible to completely block the victim's account and is carried out in two very simple steps, in each of which the perpetrator does not even need hacking or social engineering skills - he will not contact the profile owner at all.
WhatsApp standard authorization window
At the first stage, an attacker simply needs to install WhatsApp on a smartphone and try to log in using the desired phone number. The messenger will send him an SMS with a confirmation code, and here there is a calculation that the owner of the number will ignore them. After several such attempts, the application on the attacker's device will report too frequent authorization attempts and allow the next one only after 12 hours. At the same time, WhatsApp on the victim’s device will continue to work as before.
Notification that authorization was not possible due to an excessive number of attempts
In the second step, the attacker registers a new email address and writes a letter to WhatsApp technical support saying that his account was lost or stolen. He asks to turn it off and indicates the number of the victim. WhatsApp can send an automatic email asking you to write the number again, and the attacker will do it.
Letter to WhatsApp technical support requesting blocking
Next, WhatsApp, without making sure that the real owner of the account wrote to technical support, initiates the blocking procedure. After about an hour, the messenger will suddenly stop working on the victim's device - she will see a message that her number is no longer registered in the system. “It could be because you registered it on another phone. If you haven't done so, verify your phone number to log into your account again," the notification will say.
WhatsApp response confirming that the request has been fulfilled
All of this will work even if the user has enabled two-factor authentication.
An attempt to request a new code will fail - WhatsApp will allow you to do this only after 12 hours.
If the attacker decides to stop at the second stage, then everything will end up with just the inability of the user to connect to WhatsApp with his number for several hours. After a maximum of 12 hours, the user will be able to regain control over his account and continue working in the messenger exactly until someone wants to repeat the "trick" with the blocking.
But in fact there is an additional, third stage, leading to a complete blocking of the account.
This stage can actually become the second - the attacker does not have to send a letter to WhatsApp support, he can just wait 12 hours, and then again make several attempts to register someone else's number on his phone. After the third 12-hour blocking, WhatsApp will break, and instead of a timer counting down the time until the next authorization attempt, it will show “-1 second”, moreover, constantly.
This is a malfunction in the messenger, which cannot be bypassed.
A stuck timer on the phones of the victim (left) and the attacker
This picture will be observed both on the hacker's device and on the victim's smartphone, and as a result, no one else will be able to log in to the messenger using this phone number. The only thing left is to try to contact WhatsApp technical support and look for ways to solve the problem.
A Forbes article shedding light on a new WhatsApp issue was published on April 10, 2021. By April 13, 2021, the developers have not released an update to fix it and have not set a release date for it.
Courier delivery and artificial intelligence: card business fintech trends-2022
IT in banks
Instead, they are preparing to implement a new privacy policy, according to which the messenger will automatically transfer huge amounts of personal data of users to Facebook for better ad targeting.
This policy was intended to be implemented by WhatsApp on February 8, 2021, but was forced to temporarily abandon this idea due to a flurry of criticism. The new date for its entry into force is May 15, 2021, and all those who are not going to agree with it are in for a very serious punishment.
In February 2021, CNews wrote that those who disagree with the new WhatsApp privacy policy will no longer be able to send and receive text messages. Developers will leave them only voice calls. Moreover, the profiles of those users who stop using WhatsApp and switch to other messengers are guaranteed to be completely deleted.
WhatsApp is known not only for the fact that it is used by billions of people, but also for the fact that if it appreciates its users, it is far from always. So, for example, in June 2020, it became known that some phone numbers linked to user profiles in WhatsApp had been in the public domain for a long time and even got into Google search results.
In total, with the help of Google, it was possible to find up to the number of about 300 thousand users of the messenger, and this problem was of a global nature.
WhatsApp is still in first place in terms of the number of users
In November 2019, CNews reported that WhatsApp users were automatically permanently banned for participating in harmless group chats. It turned out to be possible to fall under the sanctions for changing the name of the chat to something that would seem to the moderators of the service as something sinister, illegal or malicious.
Is there life after VMware?
import independence
At the same time, WhatsApp was in no hurry to fix this failure. The employees of the messenger responded to all requests from the victims about the reasons for blocking that the users themselves violated the rules of the service, and the fault in blocking lies solely with them. As a result, people had to either change their phone number to register a new profile, or go to other services - Telegram, Viber, Signal and others.
