loader image

Are you a WhatsApp user?  If so, be aware that hackers have worked out a means of hijacking a user’s WhatsApp account and gaining access to a user’s contact list and personal messages.

The attack relies on mobile carriers’ automated service to forward calls to different phone numbers, which is a service every major mobile carrier offers.

Unfortunately, it can be exploited by hackers by tricking users into forwarding their calls to a number that the hackers control. So when WhatsApp sends a one-time password (OTP) verification via voice call, the hackers wind up with the code.

Rahul Sasi is the CEO and founder of CloudSEK which is a digital risk protection company.

Sasi had this to say about the attack:

“First, you receive a call from the attacker who will convince you to make a call to the following number **67* or *405*. Within a few minutes, your WhatsApp would be logged out, and the attackers would get complete control of your account.”

Once the hackers have tricked a user into forwarding their calls, they initiate the WhatsApp registration process on their device, naturally choosing the option to receive the OTP via voice call.

There are a few caveats here, and this methodology is by no means fool proof.  For example, the victim does get a text message stating that his/her WhatsApp account is being registered on another device.  When there’s a lot going on that’s easy to miss, but an observant user won’t.

Also, if call forwarding has already been activated on the victim’s device, then the attacker must use a different phone number than the one used for the redirection.  This usually won’t stop a determined attacker, but it will take a bit more social engineering and moxie to pull off.

The bottom line is, if you’re a WhatsApp user, someone may try this on you. So be on the alert for it.


FREE Report

The Portland Metro Area Guide to IT Support Services and Fees

What you should expect to pay for its support for your small business (and how to get exactly what you need without unnecessary extras, hidden fees, and bloated contracts)

This field is for validation purposes and should be left unchanged.