Following reports of a major WhatsApp breach, Check Point Research analyzed WhatsApp-related files sold on the darknet and revealed that the leak contained 360 million phone numbers of WhatsApp users from 108 countries including Greece. WhatsApp breach exposes 360 million phone numbers in 108 countries
Check Point Research analyzed WhatsApp data on the Dark Web and found millions of files available for purchase.
Each country has a different number of files exposed, ranging from 604 in Bosnia and Herzegovina to a figure of 35 million attributed to Italy. Over the past four days the files, which include international dialing codes and were originally for sale, are now being freely distributed among hackers.
Commentary by Check Point Research: “While the information for sale is only active phone numbers and not the content of any messages, this is a very large-scale breach of a popular mobile app used by millions worldwide. A direct consequence of the breach is the ability to use these numbers as part of custom phishing attacks through the app itself. We urge all WhatsApp users to be extra careful about the messages they receive and to be extra careful when clicking on any links and messages shared on the app.”
Once cybercriminals gain access to phone numbers that are then sold, attacks such as vishing or smshing are likely to follow. Vishing is a form of social engineering attack where a victim is tricked into giving information over the phone, while smshing is conducted via SMS. With millions of files available for purchase, it is very likely that these types of attacks will increase. It is also possible for hackers to access other online services using the phone number, which can have more damaging consequences.
Check Point Research found an increase in phishing attacks during the holiday season, with a 17% increase in malicious emails during Black Friday and Cyber Monday. This year, Amazon Prime Day also saw an 86% increase in phishing emails related to Amazon. After the WhatsApp data breach and given the time of year, Check Point provides some simple tips to stay safe:
Make sure the sender is trustworthy: Never click on links from unknown senders. If you haven't assigned the number to a known contact and you can't verify their identity, block the number immediately.
Go directly to the source: If the link in a WhatsApp message appears to be associated with a legitimate service you want to use, go directly to the company's website to browse products and transact.
Do not click on suspicious links: If the URL in the message looks suspicious, it probably is. Do not click on anything or forward this message to avoid spreading malicious links to friends and family.