Social Media

WhatsApp accounts being hacked via unsecured Voicemail then bonafide users locked out using Two-Factor Authentication

There is a new (freshly) discovered way for hacking into people’s WhatsApp accounts. The technique is so simple and is quickly becoming popular with hackers around the globe. The problem is not with WhatsApp security features per say, but with how voicemail accounts in most telecommunications networks are secured.

The hacker begins by installing WhatsApp on a new device using your number

If you have been using WhatsApp, then you probably know the steps the company use in authenticating users. You go to your respective app store, download the WhatsApp app to your device, and then the company sends you a verification code via SMS.

At the verification stage, you

forwp-incontent-ad ampforwp-incontent-ad1">
can opt for voice call verification instead of the SMS. Here is where things go wrong. Hackers now install the app on a device using your number and opt for the phone call verification. Where WhatsApp makes a call to the number to be verified and reads out a loud the verification code to be used for login into the account. The hackers then time their activities to a time you most likely will not be receiving any calls.

Voicemail default password that you never change

For most people, nighttime when you are asleep, you either turn off your phone or set it to silent. So when the WhatsApp call comes through for verification, it goes straight to your voicemail. However, most people don’t bother securing their voicemail accounts. They leave the password to default settings of either 0000 or 1234.

Coupled with the fact that most telecommunications companies around the world give their subscribers a generic phone number

to call and retrieve their voicemail. All a hacker needs to do to hijack your account is to time when you are most likely not going to receive a phone call. Then sign into WhatsApp using your number and on the stage for verification opt for the voice call.

When the WhatsApp phone call comes through to your end, it will go to voicemail, since you did not pick up. The hacker will then call the generic phone number for voicemail given by your carrier, and then try out any of two above mentioned passwords. For most subscribers, it is either one of the two, but even if it was not, a clever hacker could use brute-force tactics to break into your voicemail.

Hacker uses Voicemail default password to get verification code

Once the hacker successfully accesses your voicemail. They will playback the voicemail from WhatsApp for authentication, and just like that, they now have the code needed to sign into your account.

You will only realize you have been hacked (or rather kicked out of your own WhatsApp account) the next time you try to use the app. Some hackers go as far as now setting up two-factor authentication and using their credentials to fully lock you out. In which case it would be extra hard to get back into your account.

As a rule of thumb, you are strongly requested to set up two-factor authentication on your WhatsApp right now, if you haven’t. Just simply go to Settings > Account > Two-step verification > Enable.

You will be asked to set up a six digits PIN that you will be asked for each time you log into WhatsApp again. Followed by an email address for verification.

Felix Omondi

Kenyan citizen with a passion for writing for as long as I can remember. In my spare time, I like to blog and read up on trends that's happening around the world.

Recent Posts

The Evolution of Translation Alongside The Digital Industry’s Transformation In the Past Decade

Translation has evolved drastically alongside the digital revolution in the past ten years. From mobile…

1 day ago

Best Casino Games For Beginners

One of the main reasons why online casinos are so popular today is their simplicity.…

2 days ago

The Psychology of Casino Games and How They Make You Spend More

Image Credit: Pexels.com Lots of people who play casino games at online casinos find it…

2 days ago

T20 Cricket World Cup 2021 Preview: All the Details You Need

Image Credit: CricketAddictor.com The T20 Cricket World Cup will finally be back after five long…

3 days ago

What’s Driving Cryptocurrency Prices?

The cryptocurrency marketplace is changing so fast, many investors and traders find it hard to…

3 days ago

Is MVC2 Finally Getting a Re-Release?

When we were kids the most exciting times or you can say the “highlight” of…

3 days ago