A new hack is targeting WhatsApp users. Cybersecurity experts are issuing warning about this old yet updated hack.
This particular WhatsApp hack has been in the wild for many years now. It is one of the most effective hacks in the platform’s history. Once properly executed, it is capable of hijacking a user’s account and steal user information.
Reports about this hacking method start popping up last year. Many cybersecurity experts agree that the hack itself is not complicated to launch. However, the hack relies heavily on social engineering mechanisms and the target’s lack of technical aptitude.
How the hack works
Much like most of online accounts, WhatsApp relies on the user’s phone number for verification purposes. Services usually treat phone numbers as unique user identifiers. Security measures like two-factor authentication also rely heavily on phone numbers.
WhatsApp usually uses SMS as a form to send a six-digit code for user verification. This means that if the hacker manages to get ahold this six-digit code, the target can be easily spoofed. In essence, the strength of SMS-based codes is what turns out to be its own weakness.
SHARE: A #Whatsapp hack is doing the rounds.
If you get a message from someone in your contacts telling you they've accidentally sent you a verification code and ask for you to send it back to them – don't!
— Hits Manchester News (@hitsmcrnews) April 6, 2020
Once hackers get ahold of this important information, they can install WhatsApp into their own device. The verification process relies on SMS and not the actual physical device. This means that hackers can spoof their way into their target’s device if they have the necessary information.
How to prevent the hack
Since the hack relies heavily on social engineering, experts warn users of sharing their user credentials. Users should not share information like username, password, emails, and phone numbers.
Most hackers will impersonate people who are close or who know their targets. In such a case, user vigilance is always important. Experts warn users not to trust unknown contacts and always check the identity of the person they are communicating with.
Experts advise that if users receive unwanted email or SMS notifying them of any change, they should check their accounts. Moreover, it is also important to add a backup email address or other forms of communication to the account.
Many consider WhatsApp as a secure platform that provides message encryption to users. While it is true, there are still facets of the platform that are prone to hacking.
WhatsApp constantly reminds its users to be vigilant in order to prevent these kinds of hacks. The company adds that it is constantly adding new features to keep its platform secure.
Image courtesy of Allie/Unsplash