Skip to main content

WhatsApp Accounts Can Be Easily Hijacked 2015


An important warning for those of you who use the popular mobile messaging app WhatsApp: Your account may not be as secure as you think it is. A recent article from The Hacker News explains that someone can easily hijack your WhatsApp account if they gain physical access to your phone, even if just for a few moments. Theoretically, the attack could be used against any of the 800 million current WhatsApp users.
The actual mechanism of the attack isn’t sophisticated, and it doesn’t require any hacking skill at all. To start, a thief sets up a WhatsApp account on a new phone using your account’s phone number. During this process, a confirmation code will be sent to your phone. If the thief can intercept your phone during this time, they can enter it on their version of WhatsApp, stealing your account. Simply locking your phone isn’t enough protection against the attack, since the thief can simply request the code be called in.
Because a thief needs to be in physical possession of your phone, your WhatsApp account is likely safe from Chinese hackers located halfway across the globe. It’s not safe, however, from a nosy snoop at work or a jealous boyfriend. That’s where the real danger here is – someone close to you may want to spy on you, monitoring your WhatsApp messages and browsing through your contacts.
WhatsApp will hopefully fix this particular issue with its authentication protocol, given how news of the hijacking vulnerability has spread. In the meantime, there’s no reason to be high alert, but you should aim to be more physically protective of your device in general. Don’t leave your phone out on your desk at work unattended, and keep it in your pocket or stashed away when you have guests visiting your home. And be careful of who you lend your device to if you think they may have an interest in spying on your messages.

Labels

Labels:

Comments

Post a Comment

Popular Posts

Create Your Own Social Networking Site

Create Your Own Social Networking Site JCOW: Ethical Hacking Top 10 reasons to choose Jcow:- 1. Handle more traffic - Clean codes and Dynamic caching can lower the CPU load and  speed up your website. 2 Make your site more interactive - Well designed Jcow applications help you members to connect and communicate with others more effectively. 3 Add questions to the Registration Form - You can add new member fields, which will be displayed to the registration form, profile form, and the member browsing form. 4 Easily share stuff - Within the AJAX sharing Box, your members can publish status,  photos, videos, and blogs. 5 Customize and Extend your Jcow Network - A Jcow network consists of core apps(like "Friends" and "Messages") and optional apps(like "Blogs" and ""Videos"). You can enable/disable optional apps. You can also develop your own apps. 6 Every profile could be Unique - Members can customize their own profile theme and  add music play...
Post a Comment
Read more

HL7V2.x to HL7V3.0 Translation Issues Details-2

In continuation of my previous post this post lists the other issues associated with HL7 v2.x to HL7v3 translation Conformance Patterns: The other major issue with the transformation of messages is the behavior of application when a particular information exchange takes place. In HL7V3.0 apart from the trigger events and interactions there exists the notion of application role as senders and receivers. The application role is characterized as the entire set of interactions for which the sender and receiver are responsible for transmitting. HL7V3.0 clearly defines the possible interactions and the application behavior associated these interactions in the form of responses for which the sender and receiver needs to adhere to. The differences in messages between V2.x and V3.0 and absence of clear guidance on V2.x regarding application behavior on receipt of message makes the transformation exercise more difficult. Vocabulary: It is a well known fact that 80% of HL7 V2.x message failu...
Post a Comment
Read more

Hack WiFi Account From Phishing Attack With WifiPhisher

WiFi Phishing Attack With WifiPhisher Tool  Wifiphisher   is a security tool that mounts fast automated phishing attacks against WiFi networks in order to obtain secret passphrases and other credentials. It is a social engineering attack that unlike other methods it does not include any brute forcing. It is an easy way for obtaining credentials from captive portals and third party login pages or WPA/WPA2 secret passphrases. From the victim's perspective, the attack makes use in three phases: 1. Victim is being deauthenticated from her access point. Wifiphisher continuously jams all of the target access point's wifi devices within range by sending deauth packets to the client from the access point, to the access point from the client, and to the broadcast address as well. 2. Victim joins a rogue access point. Wifiphisher sniffs the area and copies the target access point's settings. It then creates a rogue wireless access point that is modeled on the target. It also sets up ...
Post a Comment
Read more