Be careful with WhatsApp: they can hack you like Albert Rivera

Toni Cortés

2 minutes

Hack WhatsApp

Last Friday Albert Rivera, a citizen leader, had his WhatsApp account hacked. They managed to enter their profile, access their chat history, and obviously, their contact list. The fact is that it was neither Russian mafias nor a Turkish cyberattack. They managed to access their WhatsApp account in a very simple way. You watch carefully because it can happen to anyone. We explain how they did it.

What has happened to Albert Rivera has been a fairly simple "phishing". Normally, for this type of identity theft, false emails are used, imitating banks, and with them they ask you to type your nickname and password with any excuse. They are often easy to spot, and it is getting harder and harder to "chew" on the deception. But if you receive an SMS supposedly from the WhatsApp application, asking for the verification code, something common today in certain applications that require some verification via SMS, you can fall into the trap innocently.

Method used

They only needed to know Albert Rivera's phone number to proceed with the deception. From now on, the hacker contacted WhatsApp stating that his account had been stolen, or that he had simply lost his password and could not access his profile. So WhatsApp sends a verification code to the telephone number indicated previously via SMS.

So far everything is normal. You receive the code on your mobile, and when you enter it in the application you will have access to your account again. The trick was that after notifying WhatsApp, the «hacker» sent an SMS to Albert Rivera posing as a WhatsApp authenticity service, asking him to resend the activation code that he had received moments before.

Rivera found it something normal, believing it to be WhatsApp security, and sent the code. Once the cybercriminal received this code, he was able to enter Albert Rivera's profile without any problem.

It is true that it is possible to trace where the SMS was sent from, but if it was done from the internet, or from a stolen mobile phone, for example, little can be done to identify the "hacker".

So Watch out for verification code SMS. You have to be very clear about where to send it.


You are interested in:
How to have two WhatsApp on the iPhone
Follow us on Google News

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

  1.   Albin said
    ago 5 years

    That is not entirely clear because to obtain the chat history they have to be logged in (The attacker) with the ID where the WhatsApp backup is. The attacker would also need the ID (be it apple or google) and the password. That is not so simple, do not alarm people.

    WhatsApp does not have a password unless you have two-factor authentication activated (it is best to activate it). They could only access Albert's contact list and also the list of his groups. Remember that WhatsApp does not store messages on its own server so it is not possible to rescue old messages and / or relevant information that has been exchanged.

    Blessings dear reader.

    Reply to Albin