A new type of cyber attack detected in recent weeks is robbing its victims of WhatsApp accounts and taking advantage of the trust they have in their contacts, as warned by cybersecurity firm Check Point.
When a user changes phones and wants to transfer their WhatsApp account, the tech company sends an SMS authentication to the old phone number so they can enter it into the new one.
This process allows you to change the WhatsApp application from one number to another. However, it is also the cyber criminal’s gateway to the victim’s account. “The first thing to know about this cyber attack is that the most important asset for the cybercriminal is to take advantage of the victim’s trust,” said Check Point Technical Director for Spain and Portugal, Eusebio Nieva.
“It is for this reason that the way to carry out this attack is based on the fact that this cybercriminal previously managed to attack one of the victim’s contacts and steal all the phone numbers he had “he adds.
In this way, he obtains the victim’s number, which he uses to write to WhatsApp and request the SMS code for authentication. Then, posing as a known contact, he writes to the victim asking for the code and claiming they were wrong in sending it to him.
“The most important thing in this cyber attack is that the victim trusts the number that speaks to him, because when he meets him, he trusts. Simple, but effective,” the manager emphasizes.
The theft of a WhatsApp account opens the door to other attacks, for example against the contacts you have in your phone book. For example, you can send an SMS with a link that points to a site with ‘malware’ or send a message via WhatsApp of the type “look how interesting, download it”, also with a malicious link.
However, it can also lead to infection of the mobile device to access various applications and the movements of the victim or to introduce a banking trojan on the device to steal banking information and thereby gain financial advantage.
Restoring the account is not easy. “The only way would be to talk to WhatsApp to notify them of the account theft and to automatically cancel that account with that phone number,” the manager explains. In addition, it would be necessary to report what happened to the vigilantes or the national police so that they can track the phone and “monitor all possible communication with other users and minimize the number of victims”.
To protect against these kinds of attacks, “the most important thing is that when a person receives a text message, they read it carefully,” says Nieva. “It is essential to keep in mind that you have to be very careful with the codes that are sent and know that you never have to send a code that you receive to anyone, no matter what they tell you or whoever asks for it,” concludes .