The 2.0 world is full of good things but also a lot of worries. Being connected to the network all day makes us vulnerable tohacker attacksand the subtraction of personal accounts, and the messenger giantWhatsappIt is not far behind in this aspect.
Because who made the law, cheated, and now it is possible to have your account stolen through the QR codes of the web version. The practice, not undermined'QRLjacking', makes the cyber criminal in questioncompletely sequester an accountWhatsApp, that is. You have access to all contacts, all files and all conversations on the victim's account.
Through this attack, hackers take advantage of social engineering techniques toattack applications that use QR codeas a method to register, as is the case of WhatsApp, which offers users the possibility of using the app through the computer.
Because to make use of this function it is enough to get on the web and pass a QR code through the mobile application itself. This is where computer criminals take advantage of the position toput your own codes-something imperceptible to the user- and causeaccount hijacking.
The QR code is an image that, after interpreted, generates a set of codes. In the case of WhatsApp, the app uses it to validate user access to your system,without any additional validation.
Knowing this, cybercriminals developtools that capture and store the image of the QR codegenerated by WhatsApp and create a new code to show the victim. Afterwards, the victim's session is stored in the hacker's computer and he can use it as he wishes without anyone noticing the kidnapping. There are already cases of cybercriminals who havewritten messages on behalf of a user or have even manipulated audios.
How to protect yourself from attacks?
There is no definitive option for a person not to be the victim of such attacks, although it is essential that the user beaware of the applications you useand how.
The first thing to keep in mind is that the operation of the QR code for WhatsApp webit is simply used to identify the useron a computer In the event that this code refers to other pages that have nothing to do with the application, it will be time to suspect.
Further,from the web app itself you can find out how many computers the session has openedand directly close them. The best thing is that, if the option is used on different devices, the session is closed at the end of its use to avoid such incidents.
On the other hand, count onsecurity programsOn the computer it is also essential, as well as avoiding browsing through public networks. Constantly updating the applications and the PC is also important to avoid the attack of cybercriminals.