A new type of cyber attack detected in recent weeks robs victims of their WhatsApp accounts by exploiting the trust they place in their contacts, the cybersecurity company Check Point warns.
When a user changes phones and wants to transfer their WhatsApp account, the tech company sends an SMS authentication code to the old phone number so that it can be entered on the new phone.
This process allows you to change the WhatsApp application from one number to another. However, it is also the cybercriminal’s gateway to the victim’s account. “The first thing to know about this cyber attack is that the main asset for the cybercriminal is to take advantage of the victim’s trust,” says Check Point’s technical director for Spain and Portugal, Eusebio Nieva.
“It is for this reason that the way to carry out this attack is based on the fact that, previously, this cybercriminal has managed to attack one of the contacts of the victim in question and steal all the phone numbers he had,” he adds.
In this way, the attacker obtains the victim’s number, which he uses to request the SMS authentication code from WhatsApp. Then, posing as a known contact, he writes to the victim asking for the code, claiming that it was sent to the victim by mistake.
“The essential thing for this cyber attack is that the victim trusts the number that is calling them, because, knowing him, they trust him. Simple, but effective,” the manager emphasizes.
The theft of a WhatsApp account opens the door to other attacks, for example against the contacts in the victim’s phone book. The attacker can send them an SMS with a link that redirects to a site hosting malware, or a WhatsApp message along the lines of “look how interesting, download it”, also with a malicious link.
It can also lead to infection of the mobile device, giving the attacker access to various applications and to the victim’s movements, or to the installation of a banking Trojan on the device to steal bank details for financial gain.
Recovering the account is not easy. “The only way would be by talking to WhatsApp to inform them of the theft of the account and for them to automatically cancel that account with that phone number,” explains the manager. In addition, it would be necessary to report what happened to the Civil Guard or the National Police so that they can monitor the phone and “check all possible communications it has had with other users and minimize the victims.”
To protect against this type of attack, “the most important thing is that when a person receives an SMS they read it carefully,” Nieva says. “It is essential to bear in mind that you must be very careful with the codes that are sent and know that you never have to send a code that you receive to anyone, whatever they tell you or whoever is requesting it,” he concludes.