
New attack wave focuses on taking over WhatsApp accounts

Israeli authorities report a new wave of hacks targeting WhatsApp accounts. The attacks are said to be linked to voicemail hacking. The Israel National Cyber Security Authority has distributed a report describing them.

The alert, which was discovered by ZDNet and can be found on the Scribd site, describes a relatively new way of hacking WhatsApp accounts via the voicemail systems of telecom providers. The method was discovered last year by Ran Bar-Zik, a developer working for Oath.

Change Password

The idea is that users who have a voicemail account for their phone number are at risk if they do not change the default password for that account. That default password is usually 0000 or 1234, which makes it very easy to crack. The attacker uses this to add a legitimate phone number to a new WhatsApp installation on his own phone.

WhatsApp will then automatically send a one-time login code. However, if that code fails to arrive several times, the service will send a voice code to the user instead. That code comes in the form of a phone call. If the attacker times it correctly, the owner of the number cannot answer the call and the code ends up in voicemail. The attacker can then listen to the voicemail and enter that code to take over the WhatsApp account.

As soon as the hacker has access to the WhatsApp account, he can set up two-step verification. After that, the legitimate owner of the account can no longer take it back, because doing so requires a six-digit code that only the attacker has.

The attack does not require technical skills, which is why the Israeli authorities fear widespread attacks. Users are therefore advised to use a strong password for their WhatsApp. “It’s a very familiar problem, but I don’t think it has anything to do with Facebook, rather with the weak security of the voicemail,” says Bar-Zik. Telecom providers should not set a default password, but should oblige the user to change their voicemail password as soon as it is used for the first time.
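The recommendation above (no default voicemail password, and a forced change on first use) can be sketched as provider-side logic. This is an added example, not code from the article or from any telecom provider; the names `VoicemailBox` and `pin_rejection_reason`, the six-digit minimum and the three-attempt lockout are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

# Constructed policy values for illustration; not taken from any real provider.
DEFAULT_PINS = {"0000", "1234"}  # the defaults named in the article
MIN_PIN_LENGTH = 6               # assumption
MAX_FAILED_ATTEMPTS = 3          # assumption


def pin_rejection_reason(pin, phone_number):
    """Return why a proposed PIN is too weak, or None if it is acceptable."""
    if not pin.isdigit():
        return "digits only"
    if pin in DEFAULT_PINS or len(set(pin)) == 1:
        return "default or single repeated digit"
    if len(pin) < MIN_PIN_LENGTH:
        return f"must be at least {MIN_PIN_LENGTH} digits"
    steps = {(int(b) - int(a)) % 10 for a, b in zip(pin, pin[1:])}
    if steps in ({1}, {9}):
        return "ascending or descending sequence"
    if pin in phone_number:
        return "derived from the phone number"
    return None


class VoicemailBox:
    """Mailbox whose remote access stays closed until the owner sets a PIN."""

    def __init__(self, phone_number):
        self.phone_number = phone_number
        self._salt = os.urandom(16)
        self._pin_hash = None  # nothing provisioned, so no default to guess
        self._failed = 0

    def _hash(self, pin):
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self._salt, 100_000)

    def set_pin(self, new_pin):
        # Assumed to be called only from the subscriber's own authenticated line.
        reason = pin_rejection_reason(new_pin, self.phone_number)
        if reason:
            raise ValueError(reason)
        self._pin_hash, self._failed = self._hash(new_pin), 0

    def remote_login(self, pin):
        """True only if a PIN was set, the box is not locked, and the PIN matches."""
        if self._pin_hash is None or self._failed >= MAX_FAILED_ATTEMPTS:
            return False
        if hmac.compare_digest(self._hash(pin), self._pin_hash):
            self._failed = 0
            return True
        self._failed += 1
        return False
```

With this design a mailbox whose owner never set a PIN cannot be reached remotely at all, so a verification call that lands in voicemail cannot be played back by someone guessing a default.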

This news article was automatically translated from Dutch to give Techzine.eu a head start.