Account hacking on WhatsApp is becoming more common, and a new scam has arisen that allows hackers to take control of the messaging app’s accounts with only a phone call.
The latest scam was brought to light by a report stating Rahul Sasi, the founder and CEO of CloudSEk.
When persons receive a call from cyber attackers, they are instructed to dial numbers starting with ’67’ or ‘405’. While making the call, they are signed out of their WhatsApp accounts, and hackers have total access of their accounts in seconds.
Sasi stated in a blog post
“First, you’ll get a call from the attacker, who will persuade you to dial **67*10 digit number> or *405*10 digit number>. “Your WhatsApp would be logged out in a matter of minutes, and the attackers would have complete access to your account,”
They can then route the persons’ phone call to a phone number that they acquire. In the meantime, the attackers start the WhatsApp registration process by choosing “the option to send OTP through phone call.”
“Because your phone is active, the OTP will go to the attacker’s phone,” he stated. In this method, the attacker is able to get access to the victims’ accounts.
According to the security researcher, this method may be used to get into anyone’s WhatsApp account if the hacker has physical access to their phone and permission to make calls. He said that, “This method works globally because every country and service provider has an identical service request number.”