It has been discovered that Whatsapp accounts can be hacked by hackers using call forwarding.
Malicious hackers can now take control of your WhatsApp account using a hacking technique called call forwarding. This method is not necessarily the easiest as it requires quick responsiveness and social skills from the threat actors.
However, for skilled and experienced hackers, it could also mean taking over a user’s account in just a few minutes.
There is a flaw that allows malicious actors to take control of an unsuspecting victim’s user account and read their private messages and contact list.
WhatsApp Call Forwarding – How does it work?
WhatsApp, Meta’s instant messaging app, has a flaw that allows malicious actors to take control of any user’s account.
Call forwarding, the technique that can be used, uses an automatic feature provided by mobile carriers that redirects incoming calls to another phone number, as well as an option provided by WhatsApp to pass a verification code for a one-time password (OTP) via voice call.
Founder and CEO of cybersecurity company cloudSEK, Rahul Sasi, has also confirmed that call forwarding is successful when it comes to breaching someone’s account in the messaging app. Sasi has posted some details regarding the method, stating that it is used to hack WhatsApp accounts.
He added that the malicious actor must first persuade the victim to call a number beginning with a human-machine interface (MMI) code configured by the mobile operator to facilitate call transfer.
According to Bleeping Computer, Rahul Sasi said: “First, you receive a call from the attacker, who will convince you to call the following numbers: **67* or *405*. Within minutes, your WhatsApp would be be logged out, and attackers would gain full control of your account.”
The first character of these codes is either a star
or a pound sign (#). They are not difficult to locate and, according to the tests carried out, the majority of the main mobile network operators support them.
On some mobile operators, a particular MMI code can either redirect all calls to a terminal to a different number, or redirect incoming calls when the line is busy or there is no reception.
If the hackers manage to convince the victim to forward the calls to their number, the malicious actor will start the process of registering WhatsApp on their own device, selecting the option that allows them to receive the one-time password (OTP) by voice call.
After obtaining the OTP, the malicious user can register the victim’s WhatsApp account on their own device and enable two-factor authentication (2FA), which prohibits the legitimate owners of the account from accessing it again.Read also
: Cryptocurrency Renaissance: Terra launches LUNA 2.0 with a rocky start
How to prevent call hacking
Call forwarding is just one of the many ways malicious actors can hack into someone’s phone. However, there are also SIM card swaps and phishing emails and SMS as methods of attack.
Also, these days, threat actors are now using public Wi-Fi networks. They can create fake Wi-Fi networks to lure users who need an internet connection, and when victims connect through their network, it will lead them to fake sites that will help them launch an attack.
According to MUO, users are strongly recommended not to connect to any Wi-Fi network to avoid hacking. Users are also advised to disable hotspots in high traffic areas.
With the call forwarding policy, users are advised not to allow any access to an unknown caller. Also, it’s worth remembering that two-factor authentication can help users add that extra layer of protection and security. However, in this case users should use it wisely to their advantage instead of allowing this tool to run a hack on their devices.
: Russian cybercriminal forums buy and sell US university VPN credentials like it’s nothing – sellers even ask for donations