Millions of users of Meta’s messaging service are at high risk due to a security breach; we tell you how to fix it and protect your data.
Recently, many WhatsApp users have seen their data stolen. With the help of a method that uses voice messages, hackers are able to gain control of an account and from that point on can impersonate users to perform various types of fraud. How this works and what you can do to avoid it.
The huge spread of the messaging service in recent years has led to more and more people using it. With several updates and more and more tools and features available, it is used by millions of people all over the world.
In this context, privacy and protection of information is extremely important. Despite the frequent changes made by the meta-platform to avoid problems, some security vulnerabilities, sometimes in the app itself and sometimes in the mobile device, leave users unprotected.
How can they steal your WhatsApp account through voicemail?
The method used by hackers is based on a very common vulnerability. The theft occurs through account verification, to which WhatsApp sends a code.
Just like when the service is first used, the account can be activated with the phone number. From any device, a person can enter any number and link this service account to their cell phone.
Once this information is selected, the application must verify that this number really wants to activate its account. For this purpose, it sends a six-digit code. This code can be sent by SMS or by phone call.
If the second option is selected, an automatic answering machine immediately generates a communication with an answering machine that dictates the number. If the call is not answered, the code remains stored in a message on the answering machine, and that is where the information is stolen.
Although many do not know it, the answering machine can be tapped from another phone number. All one must do is use a four-digit PIN. The problem is that most users have never changed this password and use the default combination, since it is practically obsolete. In many cases this is very simple and easy to guess.
If the hacker can access the voicemail, he has the code to activate WhatsApp and can therefore manage the account through your device.
How to avoid hacking WhatsApp via voicemail
The most effective measure against this and other security vulnerabilities is two-step verification. This is an additional six-digit PIN that is created by the user and then requested as an additional measure when activating an account.
On the other hand, it would also be a good measure to change the voicemail PIN or even block it if it is no longer used. The procedure varies depending on the company and model, but generally consists of a few simple steps.