WHATSAPP, ACCOUNTS STOLEN WITHOUT DEACTIVATION: HOW IS IT POSSIBLE?
The methods used by attackers to obtain sensitive data are constantly evolving. You only need to follow the world of information security a little to understand that, in this period, the authorities have a lot to do to "keep up" with new problems. Between phishing, ransomware and so on, we are witnessing a large number of criminal actions (and we can only analyze those that have come to light publicly). In this context, we recently learned of two cases of acquaintances of a member of the editorial staff whose WhatsApp accounts were stolen. So far, unfortunately, there is nothing surprising, given that the bad guys have carried out operations of this type in the past.
However, what we have not been able to explain with certainty
is the fact that the criminals, after gaining access to the victims' profiles,
managed to send messages with malicious content without the victims noticing
anything (in fact, the victims continued to use their profiles as normal and
only learned of the matter later from those who received the offending
messages). So we asked ourselves: how is it possible that such things
happened, since the WhatsApp profile is usually deactivated when you switch
from one device to another, and you need to enter a confirmation code
received via SMS to proceed? We have analyzed the situation in order to inform
you of what is happening.
The indications in this article, based solely on official features made available by WhatsApp and on public sources, are purely for information purposes and are meant to help understand what can be done to defend oneself in these cases; therefore neither the author nor Everyeye.it assumes responsibility for the possible uses that could be made of them.
Check WhatsApp Web (or Desktop)
We cannot know for sure the techniques used by attackers to
gain access to the accounts of unsuspecting victims; we can only make
assumptions and analyze public information, relying on the latter to defend
ourselves and activate the available security options. In this context, it
occurred to us that WhatsApp Web (or Desktop) does not require confirmation via
SMS or deactivation of an account to use the service. In fact, it is sufficient
to scan the appropriate QR code a single time from the device on
which you have legitimately logged in to then be able to potentially use the
profile "indefinitely". Of course, it is necessary that the original
device, that is the one on which the login was actually made, is connected to
the Internet, but given the "massive" use we all make of the smartphone,
this is constantly the case.
Could the bad guys have somehow managed to "hack"
the QR code and access some people's profiles? Difficult to say; what is
certain is that, in the event of unusual accesses of this type, the mobile
device generally sends specific notifications to the user. A first piece of
advice to defend yourself is therefore to always keep an eye on all WhatsApp
alerts and pay attention to any logins made via WhatsApp Web (or Desktop). In
particular, it may be useful to open the app, press the three dots icon in the
top right, select the "WhatsApp Web" item and take a look at any
suspicious accesses. If there is something strange, just tap on the activity
box that does not convince you and press the "DISCONNETTI" (disconnect) item.
In this way, if someone is using this method to
"spy" on or use your WhatsApp account, you would "cut them
out".
Set all appropriate security options
In addition to the
aforementioned check, we also recommend that you take a look at all the
security settings offered by WhatsApp. To do this, just open the application,
press the three dots icon located at the top right and select the
"Settings" item. Then tap on the "Account" box and check
that you have configured everything correctly. For example, if you suspect
that someone was able to physically access your device while you weren't paying
attention, you can consider going to the "Privacy" section and
enabling the fingerprint lock. In this way, the only thing that can be done
without it is to answer calls.
For the rest, another option that might come in handy is
"Two-Step Verification", which will ask you to enter a PIN when
trying to register your phone number on WhatsApp. In short, make your choices
to try to defend yourself, depending on what you think is appropriate. In any
case, we reiterate that, if someone tries to activate your number on another
device, the account is usually deactivated on the original smartphone (so you
should notice). In fact, the functionality to use the same account on multiple
devices at the same time is yet to arrive.
Cases are on the rise
Now that we have taken a look at the possible cause of the
problem and the security options provided by WhatsApp, it is worth looking at
the situation in general. The reason this article exists is in fact two
cases, which reached the ear of a member of the editorial staff, of people not
related to each other who saw their WhatsApp accounts stolen in an
apparently "inexplicable" way. Is it therefore possible that these
are simply isolated events? Difficult to say, but we have tried to find out
as much as possible and to bring out everything we know about the
subject. In this context, the State Police recently warned of false messages
from alleged "friends": if they ask you to send a code, don't do it. In fact, the
Postal Police claims to have received many reports of this type: it is a method
used by attackers to steal WhatsApp accounts, exploiting the recipient's
presumed acquaintance with the sender.
The reality is that your "friend" has probably not
sent you any messages, but has ended up in the crosshairs of the bad guys,
who are using his number to carry out criminal activities. Be very careful:
through this method, hackers can potentially access the contacts you have in
your address book and carry out their illegal operations even "in your
name" (just like they did with the "friend" who sent you the
message). The State Police advises never to click on any links in
"strange" messages and to activate the two-step verification
already mentioned above to defend yourself. In addition, you can
find other useful information by consulting the official guidelines of WhatsApp,
which also explain how to recover your account in case of theft (usually,
unless "sophisticated" methods have been used, it is enough to open the
legitimate application of the service, receive the verification SMS and
confirm it). If you have fallen victim to the theft of your account, it is
strongly recommended that you report it to the Postal Police, always available through
the dedicated portal, in order to allow those in charge to carry out the
investigations.
Going beyond our country, the number of stolen WhatsApp
accounts appears to be on the rise in various parts of the world. In fact, the
Southwark Police (London, UK) recently posted a tweet to warn people, reminding
them not to give any codes received via SMS or call to anyone and to activate
two-step verification. In addition, you may want to hide the profile picture
for privacy reasons, perhaps allowing it to be viewed only by someone
"trusted" (also remember that, in the case of "strange"
requests from alleged "friends", a simple call can generally be
useful to understand at least whether they really were the ones who sent a certain
message). In short, pay close attention to links, calls and messages in general
that are suspicious. Sometimes, the bad guys might even try to make you tap
on certain seemingly "funny" or "interesting" content,
which your "friend" might send you to make you laugh. The method used
by the criminals in these cases is to try to "gain the victim's
trust". The advice is therefore to never trust too much.
To give you a concrete example of malicious action that took
place abroad, according to what was reported by the News18 website, in India
just a few weeks ago there were problems of this type. Among other things, just
as happened in at least one Italian case, the victims are young students. In
fact, the criminals managed to obtain, through the classic groups used to
organize school activities, the WhatsApp numbers of some children (or parents)
and send obscene, probably malicious, messages. In a
context like the present one, in which many students take lessons from home,
the bad guys could unfortunately find "fertile ground" for this type
of illegal activity. In these cases, you must not click on any suspicious links
or content. Furthermore, it is good to make the right reports to those in
charge, as was also done in India: in this specific case, the school administration
filed a complaint against unknown persons. Among other things,
the school tried unsuccessfully to carry out internal investigations to
find the culprits (or the culprit), who apparently also used fake identity
documents, though it is not clear how. Now the "ball" has therefore
passed to the local cyber security experts. Unfortunately, it is always complex
to understand which methods the bad guys use, as we can obviously only rely on
what has been made public (which perhaps has been reported by someone who does
not know the world of computer security very well).
Expert analysis of one of the methods used
In this context, it is worth looking more closely at what emerged in
April 2021 from the analysis of ESET security experts (who relied on a previous
Forbes investigation). Suspicious of the increase in theft of WhatsApp
accounts, the latter looked into the matter, trying to understand what
methods the attackers could be using. In this way, one of the possible
procedures exploited by criminals to get hold of the victims' profiles
came to light. Put simply, the bad guys in some cases kept requesting the
WhatsApp verification code until they reached the limit. In this case, the
user is "bombarded" with messages or calls containing the code, so
realizing the problem and taking all the necessary precautions (for example,
activating two-step verification and contacting the right person) is
actually potentially "easy". However, some might
think this is a "bug" or "spam", and so ignore these
warnings.
Do not underestimate the situation: from the investigations
carried out by cyber security experts, it emerged that WhatsApp systems have a
limit on the requests that can be made in this way. The method used by the
attackers is therefore to reach this limit, "blocking" the
possibility of obtaining other codes for about 12 hours. At that point, if the
user fails to take precautions (for example, contacting whoever is
responsible), criminals can attempt to contact WhatsApp support via a fake
email address, pretending to be the attacked user and stating that they have
lost their smartphone or that it has been stolen. Put simply,
"social hacking" is carried out, trying to manipulate people's
"feelings" and feigning an "urgent" situation. Consider
that a method based on a similar approach has been used by some criminals
even to obtain sensitive data relating to a large company like Electronic Arts.
In these contexts, if the attackers' attempt is successful, the unsuspecting
victim's account is usually disabled for 12 hours.
This therefore allows the user to notice it, but apparently
the attackers have found a method, reaching the limit several times, to
send the security options of the service "haywire". A sort of
"bug" could therefore allow criminals to get their hands on the
account, "reactivating" it in a short time. In this case, the
"real" user is actually "blocked" from accessing WhatsApp,
but it is not clear whether, at this point, the attackers have also exploited
some other "glitch" to be able to reuse the account without the
user noticing (at least until someone reports the strange messages coming
from his profile).to implement these operations, so it is difficult to say with
certainty what happened in the cases that have "reached our ears"
(even if, once the analysis has been carried out, it is plausible that the
attackers have passed through WhatsApp Web, but we cannot be sure). Speaking to
Forbes, WhatsApp recommended using two-step verification associated
with an email address, so that the official support team is able
to help more in cases like these. Otherwise, the instant messaging application
team claimed to have initiated investigations related to what is happening and
encourages anyone experiencing such problems to contact support as soon as
possible. In short, what is certain is that something is moving. Now at least
you have a lot of information that might be useful to you.