Help with a WhatsApp hacking attack

  • Forum posts: 2

Sep 22, 2019, 1:59:48 AM via Website


A friend, who does not have 2FT activated, was tricked into reading out a WhatsApp confirmation PIN received on his phone via SMS, and an attacker took over his WhatsApp account (probably using WhatsApp on a mobile phone without a SIM card but connected to a WiFi network), and immediately started to ask his contacts, including me, for money. Somehow the attacker managed to uninstall the app from my friend's mobile phone too. When I suggested that he re-install the app and check the WhatsApp Web "Log Out From All Accounts" option, to try to kick the attacker out, my friend had already contacted the mobile phone carrier helpdesk to block the number, and he is activating his number on a new SIM card, but I am afraid that will not stop the ongoing attack on his WhatsApp number...

Anyway, some 2 hours later I did a test and the attacker still holds the WhatsApp session under my friend's mobile number. I asked how much money he needed to be transferred and there was an answer, obviously not from my friend...

So, my question: is there any easy way out of this loophole? What is the easiest way to guarantee the attacker will be isolated? Wait for the mobile phone operator to reinstate the line on his new SIM card and activate 2FT? The hacker could already have done that using the WhatsApp app validated when my friend told him the PIN over the phone... As far as I can remember, there is no SMS confirmation to activate 2FT in case WhatsApp is already running on a phone that has been validated by the PIN received via SMS, which is something the attacker has already achieved. If the hacker is connected via WiFi and has a working WhatsApp application running, he probably already activated 2FT... and my friend won't even be able to gain access to his WhatsApp account again, not to mention block an ongoing session.

Any suggestions to help deal with the scenario described are welcome!

I tried to google this, but it seems all WhatsApp security measures and articles do not take into account a simple con via a phone call... The con was about a confirmation of an ad posted to sell a car online, and the attacker presented himself as an employee of the ads website.

Thanks Much

  • Forum posts: 1,041

Sep 22, 2019, 7:48:50 AM via Website

Yes, who else should know what to do?

  • Forum posts: 2

Sep 22, 2019, 6:43:43 PM via Website

Yes, WhatsApp Help has been contacted via email, but it seems the average time to reply is 10 days.

Apparently, just downloading the app again and requesting a new PIN should have worked to kick the intruder off the account, but it seems it doesn't because the number has been blocked and reported to WhatsApp by friends. So this seems a weird situation where the owner has no access to WhatsApp but the attacker does, until someone at the WhatsApp helpdesk resets the account. This is the scenario I was trying to overcome and that is still happening until now...

Anyway, thanks for the feedback.