Sensitive information of 50 million WhatsApp users sold by a hacker

Sensitive information of 50 million WhatsApp users sold by a hacker

The phone numbers of nearly 500 million WhatsApp users have been put up for sale online, one of the biggest data breaches ever. According to a report, the person posted an ad on a hacking forum claiming to sell a database of 487 million mobile numbers to WhatsApp users by the year 2022.

The database contains mobile numbers of WhatsApp users from 84 different countries which include the US, UK, Egypt, Italy, Saudi Arabia and even India. This information is mostly used by attackers to launch attacks. It is therefore advisable for WhatsApp users to refrain from receiving calls and messages from unknown numbers.

Data package with WhatsApp on sale

The hacker claims that the data set contains more than 32 million user records in the United States. Correspondingly, 45 million users are affected in Egypt, 35 million in Italy, 29 million in Saudi Arabia, 20 million in France and 20 million in Turkey. The database is said to contain almost 10 million Russian and over 11 million phone numbers of British citizens. The report claims that the threat actor is selling the US dataset for $7,000 (approximately ₹ 5,71,690). While the cost of the UK and Germany datasets are $2,500 (approx. ₹ 2,04,175) and $2,000 (approx. ₹ 1,63,340) respectively.

whatsapp hacked: sensitive information of 50 crore whatsapp users sold by hackers - trak.in - Indian business in tech, mobile and startups

WhatsApp’s frequent data breaches

WhatsApp, a messaging platform owned by Meta, is one of the most popular messaging apps in the world. It is estimated that over a billion people use the app, sending over 65 billion messages a day. So it’s no surprise that security issues, malware threats and spam have started to appear on the platform. Here’s everything you need to know about the most common WhatsApp security issues and scams.

  1. WhatsApp Web Malware

For years, WhatsApp has allowed you to open a website or download a desktop app, scan a code with the app on your phone, and use WhatsApp on your computer. The app stores on phones – the App Store for iOS and the Google Play Store for Android – are more strictly regulated than the internet as a whole. When you look for WhatsApp in these stores, it’s generally clear which app is official. This does not apply to the wider Internet. Criminals, hackers and fraudsters have all taken advantage of this. There have been cases where attackers have masqueraded as WhatsApp desktop apps with malware.

See also  Beware of cyber risks!

50 ক্র্র WhatsApp এজান ন্বান ন্বাল কালা কালা কালা কালিক্ত্য, আল্স 'চ ধাক্ধ নান তান নান নান নান?  - whatsapp data leak 50 crore users' phone numbers are on sale by hackers how

If you are unlucky enough to download one of these files, its installation could spread malware or otherwise compromise your computer. Others have tried a different approach and created phishing websites to trick you into giving up personal information. Some apps ask for phone numbers pretending to be WhatsApp networks. However, they use this number to bombard you with spam or correlate it with other leaked or hacked data on the internet.

2. Unencrypted backups

The end-to-end encryption feature prevents your messages from being intercepted in transit, even by the Meta itself. In addition to cloud backup, there is also a local backup on your device. On Android, you can back up the app’s data to Google Drive. If you use an iPhone, Cloud backup is your goal. These backups contain decrypted messages from your device.

A backup file stored on iCloud or Google Drive is not necessarily encrypted. Because this file contains decrypted versions of all your messages, it is theoretically vulnerable and undermines WhatsApp’s end-to-end encryption. Because you have no choice in the backup location, you are at the mercy of cloud providers to keep your data safe. While no large-scale hack has yet affected iCloud or Google Drive, that doesn’t mean it’s not possible. One of the supposed benefits of encryption, for better or for worse, is the ability to prevent the government and law enforcement from accessing your data.

trending news: online sale of around 50 million whatsapp numbers from 84 countries, data from Indian users is also included - hindustan news center

Since the unencrypted backup is stored with one of two US-based cloud storage providers, only permission is needed and authorities can have unlimited access to your messages. Fortunately, WhatsApp has updated its service to include end-to-end encrypted chat backups. However, this setting is disabled by default. Go to Settings > Chats > Chat backup > End-to-end encrypted backup and select On to secure your WhatsApp backups. You must create a password to protect your backups. However, remember that if you forget your password, you won’t be able to access your backups – WhatsApp can’t restore them for you.

See also  SecuX Nifty hack-proof hardware wallet for safe storage of NFTs launched

3. Data sharing with Facebook

Facebook, now meta, has been largely criticized for its policies. One of these complaints is the company’s effective monopoly on the market and anti-competitive behaviour. Regulators try to minimize anti-competitive behavior by evaluating any takeover attempts. So in 2014, when Meta decided to add WhatsApp to the “Meta Family”, the European Union (EU) approved the agreement only after Meta assured it that the companies’ data would be kept separately.

It didn’t take long before Meta went back on that agreement. In 2016, WhatsApp updated its privacy policy to allow the sharing of data from WhatsApp to Facebook at the time. Although it did not disclose the full extent of this data transfer, it included your phone number and usage data, such as the last time you used the service. Your messages may be compromised because of this.

Despite assuring users that their data would not be publicly available on Facebook, the result was that Meta would instead store it in your inaccessible and hidden Facebook profile. In subsequent years, Meta made changes to facilitate this data sharing. WhatsApp was implicated in the widespread violence that took place in India in 2017 and 2018.

Messages containing details of fabricated child abductions were forwarded and spread across the platform, tailored to local information. These messages were widely shared among people on the networks and resulted in the lynching of those accused of these false crimes. In Brazil, WhatsApp was the primary source of fake news during the 2018 elections. Because this type of misinformation spreads so easily, businessmen in Brazil created companies to create disinformation campaigns against candidates, made possible by the fact that the app is used for both business and personal communication.

whatsapp tests new voice calling interface on iOS devices |  techgig

Both issues continued into 2018, a notoriously terrible year for the Met. Digital misinformation is a difficult problem to tackle, but many have found WhatsApp’s response to these incidents to be apathetic.

4. WhatsApp status

For years, the WhatsApp status feature, a short line of text, was the only way to broadcast what you were doing at the time. This turned into WhatsApp Status, a clone of the popular Instagram Stories feature. Instagram is a platform designed to be public, although you can set your profile to private if you prefer. So you can assume that WhatsApp status sharing is also private.

See also  Get Microsoft Office Pro and lifetime access to 5 top apps for $59.99

Despite this simplicity, this application does not make it clear whether your blocked contacts can see your status. However, the company has done the smart thing and your blocked contacts cannot see your status regardless of your privacy settings. As with Instagram Stories, all videos and photos added to your status will disappear after 24 hours. Despite the transient nature of Status, be aware that anyone who can see your updates can save a copy without your knowledge.

This application does not have a built-in feature to save status updates, but anyone can do it by taking a screenshot, uploading the screen, using WhatsApp status saver apps and more. At the time of writing, WhatsApp doesn’t let you know if someone is saving your update, so be careful not to share anything sensitive. More often than not, massive data sets posted online are obtained through scraping, which violates WhatsApp’s terms of service. Although the seller did not specify how he obtained the database, the seller said he “used his strategy” to collect the data.

bigbasket data breach: home addresses, numbers of over 2 crore Indians released

Is WhatsApp safe to use?

This is not the first time Meta and its platforms have hit the headlines for a data breach. Last year, it offered to leak information about more than 500 million Facebook users online for free. The leaked data then contained phone numbers and other details. WhatsApp is a confusing platform. On the one hand, the company has implemented end-to-end encryption in one of the most popular applications in the world, which is a clear security advantage. However, there are many security issues with WhatsApp. One of the main problems is that it is owned by Meta and suffers from many of the same privacy hazards and disinformation campaigns as its parent company.

Edited by Prakriti Arora

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *