Researchers have described an attack that allows hackers to take over someone else’s WhatsApp account and gain access to private messages and the contact list.
The attack relies on a WhatsApp feature that delivers one-time passwords through voice calls. Let me remind you that we also reported that hackers can change media files transmitted via WhatsApp, and that WhatsApp denies Facebook has access to users’ private messages.
CloudSEK specialists described this hacking method. The attack takes the hacker only a few minutes, although to take over someone else’s account the attacker needs to know the victim’s phone number and be ready to use social engineering.
First, the attacker needs to convince the victim to call a number that starts with an MMI code that the carrier uses to activate call forwarding. Depending on the operator, the MMI code may forward all calls to another number, or forward them only when the line is busy or the subscriber is unavailable. Typically, these codes begin with an asterisk (*) or pound sign (#) and are supported by all major carriers.
Once the attacker has convinced the victim to forward calls to his number, he initiates the WhatsApp registration process on his device, choosing to receive a one-time code via voice call.
Once the code is obtained, the hacker can register the victim’s WhatsApp account on their device and enable two-factor authentication, which will prevent the real owner of the account from regaining access.
It should be noted that during the attack, text messages will be sent to the target device informing the user that WhatsApp is being registered on another device. But the user may overlook these warnings, especially if the attacker resorts to social engineering and keeps the victim in a telephone conversation while receiving the one-time password from the messenger.
Experts note that protecting against this type of attack is very simple: just enable two-factor authentication in WhatsApp.
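A second safeguard is to recognise a call-forwarding code before dialing it. The sketch below is an added example, not part of the CloudSEK research: it flags dial strings that would enable forwarding to another number, assuming the standard GSM service codes from 3GPP TS 22.030 (carrier-specific codes are not covered) and using constructed sample numbers.

```python
import re

# Call-forwarding service codes from the standard GSM MMI scheme (3GPP TS 22.030).
# Assumption: only these standard codes are checked; carriers may use others.
FORWARDING_CODES = {
    "21": "all calls (unconditional)",
    "67": "when busy",
    "61": "when not answered",
    "62": "when not reachable",
    "002": "all forwarding types",
    "004": "all conditional forwarding",
}

# <prefix><service code>[*<destination number>][*<extra fields>]#
# '*' and '**' switch a service on; '#', '##' and '*#' switch it off or query it.
MMI_RE = re.compile(r"^(\*\*|\*#|\*|##|#)(\d{2,3})(?:\*(\+?\d+))?(?:\*\d*)*#$")


def check_dial_string(dialed: str) -> dict:
    """Classify a string a user has been asked to dial.

    'risky' is True when dialing it would turn on call forwarding
    to a number supplied inside the string itself.
    """
    compact = re.sub(r"[\s\-()]", "", dialed)  # ignore spacing and punctuation
    m = MMI_RE.match(compact)
    if not m or m.group(2) not in FORWARDING_CODES:
        return {"risky": False, "reason": "not a standard call-forwarding code"}
    prefix, code, target = m.groups()
    if prefix in ("*", "**") and target:
        return {
            "risky": True,
            "condition": FORWARDING_CODES[code],
            "forward_to": target,
            "reason": "enables call forwarding to another number",
        }
    return {"risky": False, "reason": "forwarding code without a new destination"}


if __name__ == "__main__":
    # Constructed sample inputs (555-01xx numbers are reserved for fiction).
    for sample in ("**67*15550100#", "*21*+1 555 0100#", "##21#", "+1 555 0100"):
        print(sample, "->", check_dial_string(sample))
```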