Connect with us

PressRelease

Hackers use the call forwarding scam to gain WhatsApp accounts.

Published

on

scam to gain WhatsApp accounts

There is a method that enables attackers to take over a victim’s WhatsApp account and view their contact list and private conversations.

The technique depends on WhatsApp’s ability to provide a one-time password (OTP) verification code through voice call and the automatic call forwarding services offered by cell carriers.

Utilizing the MMI code

The founder and CEO of the digital risk management firm CloudSEK, Rahul Sasi, tweeted some information about the technique and claimed that it is used to hack WhatsApp accounts.

Testing by BleepingComputer revealed that the approach is effective, despite a few drawbacks that a determined attacker may get over.

A victim’s WhatsApp account may be hacked in a matter of minutes, but the attacker must have the victim’s phone number and be ready to use some social engineering.

According to Sasi, an attacker must first persuade the target to dial a number that begins with an MMI code that the mobile carrier put up to facilitate call forwarding.

Depending on the carrier, a separate MMI code may redirect calls to a terminal to another number whenever the line is busy or there is no reception, or only when the line is congested.

These codes begin with the symbols star (*) or hash (#). They are widely available, and according to our research, they are supported by all of the main mobile network carriers.

The MMI code in before of the 10-digit number instructs the mobile carrier to divert all calls to the phone number supplied after it while the victim’s line is busy, according to the researcher, who claims that the 10-digit number belongs to the attacker.

The attacker starts the WhatsApp registration process on the victim’s smartphone after deceiving them into forwarding calls to their number, selecting the option to get the OTP via voice call.

Once they have the OTP code, the attacker can set up two-factor authentication (2FA) for the victim’s WhatsApp account on their smartphone, preventing the account’s rightful owners from regaining access.

A few warnings

Although the technique appears straightforward, as BleepingComputer discovered through testing, getting it to function takes a bit more work.

First, the attacker must utilise an MMI code that sends all calls, independent of the status of the target device (unconditionally). For instance, call waiting may result in the hijack failing if the MMI only sends calls when a line is busy.

The target device also got text messages during testing from BleepingComputer telling it that WhatsApp was registered on another device.

If the attacker additionally uses social engineering and engages the victim in a phone conversation for just long enough for them to hear the WhatsApp OTP code via voice, users could not notice this warning.

A minor annoyance that can necessitate additional social engineering is that the attacker must use a different phone number than the one used for the redirection if call forwarding has already been enabled on the victim device.

The mobile operators’ activation of call forwarding leaves the target user with the clearest indication of suspicious activity because a warning is displayed on the screen upon activation and doesn’t go away until the user acknowledges it.

Threat actors still stand a decent chance of succeeding despite this prominent warning as the majority of consumers are unfamiliar with the MMI codes or the mobile phone settings that prohibit call forwarding.

Despite these barriers, dishonest individuals who are skilled at social engineering can create a scenario that enables them to keep the victim occupied on the phone until they obtain the OTP code for setting up the victim’s WhatsApp account on their device.

Using cell services from Verizon and Vodafone, BleepingComputer examined this technique and came to the conclusion that an attacker with a convincing scenario is likely to hijack WhatsApp accounts.

According to publicly available data, Sasi’s tweet refers to the cell providers Jio and Airtel, both of which had more over 400 million subscribers as of December 2020.

It’s simple to defend against this kind of assault by using WhatsApp’s two-factor authentication feature. Every time you register a phone with the messaging app, this function requires a PIN, preventing fraudulent users from taking over the account.

 

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

20 − 7 =

PressRelease

Sources:On Monday, Facebook will reveal a range of music products, such as a Clubhouse-like app, a podcast discovery service integrated with Spotify, and more. (Vox, Peter Kafka)

Published

on

sources monday spotifykafkavox

Sources:On Monday, Facebook will reveal a range of music products, such as a Clubhouse-like app, a podcast discovery service integrated with Spotify, and more. (Vox, Peter Kafka)

Peter Kafka / Vox:

Several audio products, including a Clubhouse-like app, a podcast finding service integrated with Spotify, and more, will be unveiled by Facebook on Monday, according to sources. On Monday, there will be announcements, although some things won’t be available for some time. — Facebook wants you to start communicating with others on the site.

Continue Reading

PressRelease

ByteDance’s founder Zhang Yiming steps down as Executive Chairman

Published

on

Zhang Yiming
The founder of TikTok’s parent company ByteDance founder Zhang Yiming has stepped down as chairman after announcing last May he was resigning as CEO and moving into a strategy role. New CEO Liang Rubo has taken over as chairman of the company’s board. The news comes shortly after the company announced a major organisational reshuffle at ByteDance to create six separate business units.
Continue Reading

PressRelease

Uber and Lyft will share data on banned drivers to protect passengers

Published

on

Uber
Rival companies Uber and Lyft have announced their plans to share with each other the names of drivers that have been banned from their platform, in an effort to increase passenger’s safety. The two apps have been criticised in the past for their handling of sexual assault and other safety concerns. Uber has revealed that in 2018 there were 3,045 sexual assaults and nine murders in its cars.
Continue Reading

Trending