Once again, WhatsApp occupies our time with its security comings and goings, and it is only necessary for some to sharpen their ingenuity to realize that our WhatsApp conversations are infinitely more unprotected than we could imagine. A large number of users could be unprotected from the curious who want to snoop on our WhatsApp without our consent, and I honestly find it difficult to think that the WhatsApp guys would not have imagined this possibility before users, although on second thought, it is very much in their line.
Am I vulnerable to this security flaw?
The answer is simple, Voicemail will be key in this puzzle, if you have voicemail activated and you have not changed the default PIN that this service bringsIt will be enough that whoever wants to steal your account knows your phone number (something quite logical on the other hand) and wants to do so. If in addition to this, you have an iCloud backup of your conversations, the waste will be total.
What should I do to steal a WhatsApp account?
The user who created this video shows us how. The first step is as logical as it is simple, we will download the WhatsApp application on the device on which we want to do the wonder, we install the application as usual and begin the activation process. Once we have verified that our victim uses the voicemail, we will begin the registration process with the victim's mobile phone number or the one associated with the WhatsApp account.
Then, we wait patiently for the minutes of caution that WhatsApp offers for activation by the SMS code that the user receives to pass. Once these minutes have passed without entering the code, WhatsApp allows us to deliver this code through a phone call from a friendly machine that will issue the activation code slowly but surely.
So now what?
We proceed to sneak into your voicemail, for this the first thing is to confirm with the help of Google which is the operator to which the mobile phone whose voicemail we want to penetrate belongs, if we did not know it clearly. Once found, we go to Google once more, in the search box we enter «Voicemail number of (here telephone company)», when you have attended us again by a friendly machine to which we will have to enter the telephone number and the PIN of the voice mailbox.
This is where we hit the tipping point. The vast majority of operators do not force to change the PIN code of the voice mailbox, so it will be established by default according to each company in not very complex codes such as "1234, 1111 or 0000", Google will once again give us a hand if we look for "default PIN of the voice mail of (telephone company)".
The touch of grace
Now we simply make sure to activate WhatsApp at a time when we know that the user is not going to answer this call, either because they are sleeping or for any other reason. This audio verification code will be forwarded to the voice mailbox whose password and access we have of course, it is just entering and flying.
Give me solutions
It is almost as simple or more to protect yourself as stealing them, here are some tips: Change the voicemail PIN, it is not too difficult and it will provide you with security in many more things than WhatsApp or deactivate the voicemail if it is not useful to you.
If you are running late and your account is already in the possession of someone else, the first step is to reactivate the session on your device, which will remove the session from the thief device and allow you to return to normal., but if it is not possible for one reason or another, in the contact section of the official WhatsApp Inc website you can find the methods to communicate with the WhatsApp administrators to whom you can comment on your situation and they will surely do everything possible to help you. to recover your account. Once you have regained access to your account, do not forget to take the relevant security measures.
Is this legal?
Obviously I want to make it clear for the moralists of the internet world, who are many, that my intention by publishing this information is not by far to encourage criminals to carry out these practices, nothing is further from reality, my profession prevents me ethically nor imagine it. With this publication I only intend to show how exposed our privacy is, and often only when you see the ears of the wolf do you begin to take certain imperceptible things seriously.
I remember you, the most wicked minds, that hijacking someone else's voicemail or WhatsApp account is protected by the Spanish Penal Code and the Spanish Constitution as a crime against the privacy of the person, there is more specifically jurisprudence about this type of telematic crimes, a varied range of sentences from the Constitutional Court, taking into account that it could also be aligned together with the crime of Identity Theft, carrying out these practices you could tread on considerably swampy ground. That said, and if you believe that you have suffered an attack against your rights of this type, do not forget that the Telematic Crimes Group of the Spanish Civil Guard will be happy to assist you in the following LINK processing your complaint.
Man, well, rather than thinking how it is possible that the WhatsApp guys had not thought of this, I would say how it is possible that the telephone companies allow access to your mailbox from another telephone by default with a PIN like these.
If I have not misunderstood, the problem is with the telephone companies, not with WhatsApp.
We are on a page in Spanish, using the word "source" instead of source does not help the rest of the readers at all.
On the other hand, we are a website in Spanish worldwide, and obviously I try not to reference any telephone company because if any Spanish-speaking user decided to make the same comment about the telephone companies that incur this consensual security failure, they could have made an endless list .
You gave me a blame for saying "source"
Before writing the comment I wrote you two «tweets» so that you would realize that you had forgotten to put the «source» and in the two «tweets» I used the word «source»
On the other hand, there is only one company (the one I mentioned before) that allows access to the voicemail of any of its clients, at least for the moment, and that is why I mentioned it. I have not checked all of them logically, but here in Spain I have tried the four main ones.
Note: Don't forget to put the font
It seems good to me that you warn of the vulnerability, but explaining how to do it with hairs and signals is fireworks. Next installment «how to fake PayPal accounts»? It's worth it!
It's not the fault here Actualidad iPhone, but the WhatsApp app and the users who use it. For years we have known about the vulnerability of this app, since its messages are not encrypted and fly freely, allowing them to be easily read by anyone who has access to the connected network. Although there are better apps that do guarantee message encryption, they are not used.
In any case, let them fix their bugs by solving the "problems" that users detect. 🙂
As you say in the article, you are not inciting anyone, but I think you become a necessary cooperator for those who want to commit this crime, so be careful
Reporting is a right and from no jurisprudential point of view I would be becoming a necessary cooperator of this crime, since in this way the newspapers would have cases opened daily when they analyze the modus operandi of a corrupt politician for example.
And even more so when in the article there is a fairly exhaustive statement about the intention and the result.
It is totally correct that it provides the steps to follow, so that all of us who read this entry know how to block it and get away from the vulnerability of the telephone ... It would be useless if it only told us: "Your WhatsApp account is hackable" and does not explain the How, to close and protect.
All the best
You can put the web where we hear the voice messages, that I already goglee and I do not see a web where to put the cell number and I can listen to the messages
If you click on the link of the video tutorial you will see that the author has no relationship with Actualidad iPhone and in fact the video is not ours, since it is not published on any of our official accounts.
I do not see because of the harshness of the questions to Miguel Hernández regarding this article, which personally I think is very good for cases of knowing marital infidelities (if they were in that case, maybe the answer would be another). I CONGRATULATE YOU Miguel for your contribution and if you have any suggestions or a broader detail, I would appreciate it if you share us. I leave my personal email. Greetings
That woman is so ignorant that she does not realize that the problem is not with this blog (nor with thousands of other sites that have explained this vulnerability) but with the little security of WhatsApp and how dangerous it is to use it in certain cases , but it's the internet and any clown says anything in order to generate one more reproduction or click ...
I leave you a part of the text: «Is this legal?
Obviously I want to make it clear for the moralists of the internet world, who are many, that my intention by publishing this information is not by far to encourage criminals to carry out these practices, nothing is further from reality, my profession prevents me ethically nor imagine it. With this publication I only intend to show how exposed our privacy is, and often only when you see the ears of the wolf do you begin to take certain imperceptible things seriously.
I remind you, to the most perverse minds, that hijacking someone else's voicemail or WhatsApp account is protected by the Spanish Penal Code and the Spanish Constitution as a crime against the privacy of the person, with more specifically jurisprudence about this type of telematic crimes a varied range of Constitutional Court rulings, taking into account that it could also be aligned with the crime of Identity Theft, performing these practices could step on a considerably swampy ground. That said, and if you believe that you have suffered an attack against your rights of this type, do not forget that the Telematic Crimes Group of the Spanish Civil Guard will be happy to assist you at the following LINK processing your complaint. "
That said, I recommend sharpening your reading and writing skills as well. A greeting and thanks for reading.
Funny that it is not your intention that people do it and use terms like "what should I do to steal" "our victim" "sneak in" "touch of grace" like a master swindler who teaches his pupils. If it is true that it is a right to be informed, but the way I present the information I consider (personal opinion) is not merely informative but even provocative.
By the way, the failure is not from WhatsApp, but from the operators that do not take care of their customers' mailboxes
Greetings.
Our support for Miguel Hernández, if he had only given the news, many would be on google to see how it can be done, that is, if they do not see it here they will see it elsewhere. You have to look at it on the positive side, how to avoid it, and if it has happened to us, ALL of us want to know how it has happened. I invite you to my live podcast to talk about the topic @AppleDecir
I heard it on the TruckerGeek podcast and I couldn't believe it, but it is true. Please do not give ideas, skip the technical part of how it is done please! We already have enough security flaws and spies to promote new methods 🙁
I subscribe to 9to5mac, but I never understand much of their news. Thank you Actualidad Iphone for your simultaneous translation service. I always have every article that 9to5mac publishes in actualidad iphone Within a few minutes it was translated into Spanish, which is very appreciated for those of us who do not speak English.
Man, well, rather than thinking how it is possible that the WhatsApp guys had not thought of this, I would say how it is possible that the telephone companies allow access to your mailbox from another telephone by default with a PIN like these.
If I have not misunderstood, the problem is with the telephone companies, not with WhatsApp.
Each person has their opinion
You forgot to put the source and if you want to add something ... Yoigo allows it, 99% of Yoigo users are exposed
Good afternoon José.
We are on a page in Spanish, using the word "source" instead of source does not help the rest of the readers at all.
On the other hand, we are a website in Spanish worldwide, and obviously I try not to reference any telephone company because if any Spanish-speaking user decided to make the same comment about the telephone companies that incur this consensual security failure, they could have made an endless list .
A greeting and thanks for reading.
I laughed Miguel, it came out unintentionally, I was angry but I already missed it.
You gave me a blame for saying "source"
Before writing the comment I wrote you two «tweets» so that you would realize that you had forgotten to put the «source» and in the two «tweets» I used the word «source»
On the other hand, there is only one company (the one I mentioned before) that allows access to the voicemail of any of its clients, at least for the moment, and that is why I mentioned it. I have not checked all of them logically, but here in Spain I have tried the four main ones.
Note: Don't forget to put the font
It seems good to me that you warn of the vulnerability, but explaining how to do it with hairs and signals is fireworks. Next installment «how to fake PayPal accounts»? It's worth it!
It's not the fault here Actualidad iPhone, but the WhatsApp app and the users who use it. For years we have known about the vulnerability of this app, since its messages are not encrypted and fly freely, allowing them to be easily read by anyone who has access to the connected network. Although there are better apps that do guarantee message encryption, they are not used.
In any case, let them fix their bugs by solving the "problems" that users detect. 🙂
As you say in the article, you are not inciting anyone, but I think you become a necessary cooperator for those who want to commit this crime, so be careful
Reporting is a right and from no jurisprudential point of view I would be becoming a necessary cooperator of this crime, since in this way the newspapers would have cases opened daily when they analyze the modus operandi of a corrupt politician for example.
And even more so when in the article there is a fairly exhaustive statement about the intention and the result.
A greeting and thanks for reading.
It is totally correct that it provides the steps to follow, so that all of us who read this entry know how to block it and get away from the vulnerability of the telephone ... It would be useless if it only told us: "Your WhatsApp account is hackable" and does not explain the How, to close and protect.
All the best
Kat AL MH
Thank you Actualidad iPhone! I have already stolen 4 guasap accounts. I love it!
I've already stolen my boyfriend's account, and anyway… thanks for the tutorial!
You can put the web where we hear the voice messages, that I already goglee and I do not see a web where to put the cell number and I can listen to the messages
I imagine that that video tutorial has not been posted actualidadiphone. Anyone who enters Google finds it without problems.
Good morning Jorge.
If you click on the link of the video tutorial you will see that the author has no relationship with Actualidad iPhone and in fact the video is not ours, since it is not published on any of our official accounts.
Very good teaching how to do these things this is worth mentioning in my podcast
A pleasure and thank you.
I do not see because of the harshness of the questions to Miguel Hernández regarding this article, which personally I think is very good for cases of knowing marital infidelities (if they were in that case, maybe the answer would be another). I CONGRATULATE YOU Miguel for your contribution and if you have any suggestions or a broader detail, I would appreciate it if you share us. I leave my personal email. Greetings
... I forgot if you know of any effective tool for this purpose, please let me know .. Greetings
Well it does not do this, now it is impossible to bypass the security of the pin.
That woman is so ignorant that she does not realize that the problem is not with this blog (nor with thousands of other sites that have explained this vulnerability) but with the little security of WhatsApp and how dangerous it is to use it in certain cases , but it's the internet and any clown says anything in order to generate one more reproduction or click ...
Encourage committing a crime. Every day you surpass yourselves.
Good morning "Captain Gutiérrez" (how funny).
I leave you a part of the text: «Is this legal?
Obviously I want to make it clear for the moralists of the internet world, who are many, that my intention by publishing this information is not by far to encourage criminals to carry out these practices, nothing is further from reality, my profession prevents me ethically nor imagine it. With this publication I only intend to show how exposed our privacy is, and often only when you see the ears of the wolf do you begin to take certain imperceptible things seriously.
I remind you, to the most perverse minds, that hijacking someone else's voicemail or WhatsApp account is protected by the Spanish Penal Code and the Spanish Constitution as a crime against the privacy of the person, with more specifically jurisprudence about this type of telematic crimes a varied range of Constitutional Court rulings, taking into account that it could also be aligned with the crime of Identity Theft, performing these practices could step on a considerably swampy ground. That said, and if you believe that you have suffered an attack against your rights of this type, do not forget that the Telematic Crimes Group of the Spanish Civil Guard will be happy to assist you at the following LINK processing your complaint. "
That said, I recommend sharpening your reading and writing skills as well. A greeting and thanks for reading.
Funny that it is not your intention that people do it and use terms like "what should I do to steal" "our victim" "sneak in" "touch of grace" like a master swindler who teaches his pupils. If it is true that it is a right to be informed, but the way I present the information I consider (personal opinion) is not merely informative but even provocative.
By the way, the failure is not from WhatsApp, but from the operators that do not take care of their customers' mailboxes
Greetings.
Our support for Miguel Hernández, if he had only given the news, many would be on google to see how it can be done, that is, if they do not see it here they will see it elsewhere. You have to look at it on the positive side, how to avoid it, and if it has happened to us, ALL of us want to know how it has happened. I invite you to my live podcast to talk about the topic @AppleDecir
I heard it on the TruckerGeek podcast and I couldn't believe it, but it is true. Please do not give ideas, skip the technical part of how it is done please! We already have enough security flaws and spies to promote new methods 🙁
I subscribe to 9to5mac, but I never understand much of their news. Thank you Actualidad Iphone for your simultaneous translation service. I always have every article that 9to5mac publishes in actualidad iphone Within a few minutes it was translated into Spanish, which is very appreciated for those of us who do not speak English.
does anyone know where to see the video? youtube downloaded it