WhatsApp

PTA Alert on the Increase in Fraud and Hacking on WhatsApp Pakistan Telecommunication Authority (PTA) has issued an alert to mobile users regarding the increasing number of hacking and cyber fraud incidents through WhatsApp. Scammers are using social engineering tactics to trick people into gaining access to sensitive personal information, which can result in financial losses and misuse of victims’ accounts. The PTA urges users to remain vigilant and implement security measures to protect against these threats. Criminals often take advantage of victims’ trust, making scams seem urgent and legitimate in order to manipulate them. ...

The threat actor Water Saci is evolving its tactics, now employing a sophisticated infection chain that uses HTA files and PDFs to propagate a worm. This worm deploys a banking trojan via WhatsApp, targeting users in Brazil. The attackers have shifted from PowerShell to a Python-based variant to spread malware via WhatsApp Web. The new multi-format attack chain uses AI to convert propagation scripts, enabling Water Saci to bypass security controls, exploit user trust, and increase infection rates. Users receive messages on WhatsApp with malicious PDF or HTA attachments, which activate the infection chain and drop a banking trojan. The infection chain involves: ...

Potentially Historic Massive Data Leak Austrian researchers have revealed a mass enumeration vulnerability in WhatsApp that allowed the extraction of 3.5 billion user phone numbers. This finding highlights a security flaw in the app’s “contact discovery” feature, which, lacking strict rate limiting, allowed researchers to scrape a large portion of WhatsApp’s user base. The method exploited by the researchers is based on how WhatsApp makes it easy to add contacts: when you enter a phone number, the platform instantly checks whether that number is registered and often displays the profile photo and associated name. By repeating this process billions of times using the browser-based WhatsApp app, researchers were able to collect phone numbers of almost all WhatsApp users in the world. ...

CTM360 has identified a rapidly expanding WhatsApp account hacking campaign, internally called HackOnChat. This campaign uses a network of deceptive authentication portals and phishing pages to target users around the world. Attackers exploit WhatsApp’s familiar web interface and employ social engineering tactics to trick users into compromising their accounts. CTM360’s research revealed thousands of malicious URLs hosted on low-cost domains and generated quickly by modern website building platforms, allowing attackers to deploy new pages at scale. A notable increase in incidents has been observed in recent weeks, especially in the Middle East and Asia. ...