Hackers can use answering machines in their actions while the owner of the phone is abroad.
According to the information security researcher, hackers can hijack a Whatsapp account by using the answering machine. Adobe Stock / AOP
Hackers can take your Whatsapp account while you sleep, warns a researcher specializing in information security Zuk Avraham.
Avraham has opened up the methods of hackers on his Twitter account and alerts people who have an answering machine in use. Hackers use the answering machine to help hijack Whatsapp.
First, the hacker will try to log into your Whatsapp account without a password. Whatsapp first offers a security code to be sent by text message to the number you have registered in your Whatsapp account. However, the hacker can press the option “text message did not arrive” and request a security code by phone.
In this case, Whatsapp makes an automatic call to your number. However, because you are sleeping, you do not answer the phone and the call goes to the answering machine, where a message is left with the security code.
– Next, the attackers check your voicemail messages simply to try the default PIN code. With many phone operators, the default code is the last four digits of the phone number, Avraham writes.
If the pin code of the answering machine has not been changed from the original one, the hacker can listen to the messages on the answering machine and get the Whatsapp security code from there.
– After logging into your Whatsapp account, they set up a new two-step authentication, and you can no longer access your account again, Avraham explains.
When the user notices that his account has been hijacked, he has to contact Whatsapp to restore the user account. According to Avraham, the process takes several days.
– During them, hackers ask for money from your contact information or spread malware.
Avraham urges Whatsapp users to change the pin codes of their answering machines, so that it is not possible for hackers to listen to messages left on the answering machine. In addition, two-step authentication should be implemented in Whatsapp.