The exposed database Numerous negative effects of varied severity may result from it, including unfettered access for hackers to information that can be stolen and the start of malicious activities that may put users’ and organizations’ security at risk.
According to recent reports from CyberNews, a group of online criminals allegedly stole millions of smartphones with WhatsApp accounts from around the world and listed them for sale on the hacking discussion board BreachForums.
The database put up for sale has close to 500 million numbers, but the impacted population is about 11 million Spanish speakers. Despite the fact that WhatsApp does not consider a breach to their platform to be justified, the existence of these numbers exposes the owners of those numbers to other cyber hazards.
According to the aforementioned medium, these malicious actors would have done this with the intention of carrying out, among other things, attacks of “smishing” or “wishing” — which involve impersonation through an SMS or a call, respectively — as well as to impersonate other users and commit fraud, malicious techniques that multiply in businesses and organizations.
According to statements gathered by Europa Press, the technical director of Check Point Software for Spain and Portugal, Eusebio Nieva, says that attacks like “vishing” or “smishing” have a great potential to multiply once cybercriminals have the phone numbers and other means of contact and sell them.
Nieva describes both as “extremely risky” and adds that they can even “deceive an employee to commit economic crime” because cybercriminals “can access business data through them.”
Attacks of this nature are more frequent on days when people make large purchases, like Black Friday or Cyber Monday, as well as during brand-sponsored sales events, like Amazon Prime Day.
In fact, a study released by a cybersecurity firm in July indicated that during the commemoration of this occasion, phishing emails relating to the company founded by Jeff Bezos increase by 86 percent.
INFORMATION LEAKAGE FROM OTHER ACCOUNTS
Many times, the theft of other user accounts follows the leak of millions of WhatsApp numbers, which are afterwards offered for sale on internet hacker sites.
The technical director of Check Point insists that each account must have a different credential, saying, “It happens especially if we have the credentials of one of them and we have the same in the others.”
He continues, mentioning the value of having authentication systems, “Sometimes it may appear cumbersome to remember all of them, but if we select a solid password manager, may make the process much easier.
“It is crucial to incorporate the factor of double authentication in all the services, as this will allow us to prevent attacks if someone tries to access from a different point,” says Nieva.