WhatsApp hacked, nearly 500 million users exposed

WhatsApp hacked, nearly 500 million users exposed

On November 28, 2022, information emerged about a new WhatsApp breach. The hacker offers a database of stolen data for sale since November 16. The offered package contains the data of over 487 million users from up to 84 countries.

WhatsApp hacked with used data exposure

WhatsApp, one of the most popular messaging apps under the sun, was allegedly hacked a couple of weeks ago. Messenger offers end-to-end encryption, but the breach appears to rely on the back-end problem. As the hacker assures, the information it leaked from WhatsApp contains the phone numbers of the messenger users. The forum post where the hacker offers the data it stole was posted on November 16therefore, the exact breach occurred around this date.

Breachforum posts WhatsApp data
Forum posts offering to buy WhatsApp users’ data

The leak includes data from more than 487 million users from 84 countries. Among them are European, Middle Eastern, Asian, African countries and both Americas. Cybercriminals offer to buy the database in parts, by country or region. It is not clear if anyone can buy the entire leak, but the prices of parts show that it will not be cheap. For example, the UK database is priced at $2,500, the same as Germany. Meanwhile, the price for the package with US users will cost $7,000. To test the leak, hackers offer a test sample of ~1000 numbers from the list.

What is the danger of such a leak?

Phone numbers are an important identifier for a person, which makes it possible to carry out phishing attacks and impersonation. Threat actors can use phone numbers to carry out mass spam via SMS, as well as robocalls. Alternatively, crooks can spam you via messengers, including the same WhatsApp. These messages are not dangerous in themselves, but any interaction with this thing can end up with more intensive spam or, if you are not careful, lose money or reputation.

See also  Support King, banned by FTC, linked to new phone spying operation • TechCrunch
Example of SMS spam
The example of SMS spam, which imitates the message from BofA

The other side of the sad story is security issues about WhatsApp. Apparently, this is not the first time WhatsApp has been hacked. All other Meta products – Facebook and Instagram – did not escape this bad reputation either. In addition to being vulnerable to hacker attacks, these apps are also known for their data collection capabilities. Nothing else can track your activity and interests in such an intensive way. However, targeted ads there are of poor quality, so it is questionable whether there is any useful motive for using these services.

How can I protect myself?

As you can see from the recent cases involving WhatsApp, Facebook and other social media, you should help yourself when you are about to drown. It is not clear how the hack happened, but it is clear how you can reduce the amount of data hackers can reach.

  1. Do not share personal information. Untargeted social network spam has become a common thing, but in more sophisticated cases, crooks rely on the details you share on your profile. The less information you put out – the less convincing phishing the crooks can perform.
  2. Keep an eye on recent breaches. In some cases, phone numbers are not displayed, but usernames and passwords. If you see the news telling you about the possible breach, it is better to preemptively change your credentials. In one way or another, such a procedure significantly increases your security.
  3. Use anti-spam apps. Not all hacks are high profile enough to become public as soon as they happen. Most of the time, hackers will be able to sell significant amounts of data they stole on the Darknet. To prevent the consequences of this, use programs that automatically detect and delete spam SMS. They usually work by comparing the sender’s number with a precompiled database. However, be careful with these apps as well, as they can sometimes malfunction, or leak your information to a third party. Use only proven ones.
See also  SandStrike Spyware Infects Android devices through VPN apps

WhatsApp hacked, nearly 500 million users exposed

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *