WhatsApp and Telegram hacks are growing: what are the most common attacks and how to protect yourself

tricks, identity fraudaccount theft and other types of violations: WhatsApp, the most used messaging app in Latin America, constitutes a huge attack surface for scammers.

According to the data of fortinet, a company dedicated to cyber security, cases of hacking or identity theft through messaging applications are on the rise in the Latin American and Caribbean region. Among those affected we can find from ordinary users to business leadersgovernment officials, celebrities, and even political cases that have sparked scandals.

All of this takes place in a context of global growth in cybercrime: during the first half of 2022, the area received at least 137 billion cyber attack attempts from January to June, a 50% increase over the same period a year earlier (to $91 billion, all according to FortiGuard Labs).

“While we are all aware that hacking other people’s accounts without their consent is illegal and completely against the terms of use of most common applications like whatsapp or telegramthe reality is that cybercriminals are always looking for new ways to breach devices for purposes ranging from data theft to obtaining economic benefits,” explain from the threat lab.

For this reason, being cautious, understanding how accounts are stolen can help raise awareness and, above all, avoid being scammed.

The most common hacks to WhatsApp and Telegram

If we mean by hacking an intrusion or unauthorized access to an account, there are several techniques that can be used to seize the data of a third party, according to Fortiguard Labs:

• SIM exchange: This attack consists of swapping a phone’s SIM with another person’s SIM, in order to later use the swapped SIM to receive verification codes and access the victim’s account. For this reason it is very dangerous to have SMS as a second factor (see below).

• malware– Some cybercriminals use malware designed to spy on victims and gain access to their messaging accounts. These programs are often distributed via fake emails or downloads. HP Wolf Security, the company’s cybersecurity division, warned of this problem last year, generally known as virus. “One of our latest malware reports revealed that 29% of the malware caught was previously unknown due to the use of techniques to avoid detection. Furthermore, the most common malicious files were found to be documents (31%) , archive files (28%), spreadsheets (19%) and executables (17%)”, detailed by the company.

• Man-in-the-middle (MITM) attacks.: they consist of intercepting communications between two devices and modifying them to access the victim’s accounts.

• dictionary attacks– Dictionary attacks involve using automated programs to try different combinations of passwords and usernames until they find a combination that works. These attacks can be effective if the victim uses weak or common passwords.

• brute force attacks: Similar to dictionary attacks, but use automated programs to try all possible combinations of passwords and usernames.

On the other hand, most of the messaging apps have end-to-end encryption and security measures to protect user privacy. This means that only the person sending a message and the fileThe person who receives it can read it and no one else can access the content of the message.

However, it is important to note that no application is completely secure and it is your responsibility to take additional measures to protect our privacy and security.

The importance of the double factor

The two-factor authentication, called MFA or 2FA, is a security filter to protect accounts from unauthorized access. In an age where login details (username and password) are known to be constantly leaked and sold, 2FA allows a system to confirm that a person is the true owner of the account being logged into.

Validation occurs through something that, in theory, only the owner knows, owns or is: a password, a token or a biometric factor (fingerprint, face).

“Two-factor authentication has become a tool basic both for organizations and for people in their daily life. Applications such as social networks or even applications that we use other, well, let’s say, finance, banking applications, they have all these systems for free,” explains to Clarín Arturo Torres, threat intelligence strategist for FortiGuard Labs for Latin America and the Caribbean.

“It is important to be able to rely on these protection systems, as they provide an extra layer to protect our personal, financial, social network or even business information,” he adds.

“There are many ways to use two-factor authentication, both how tokens, messages, SMS or even too much biometric like cell phones, which use a fingerprint or even facial recognition, add up. There are even physical keys called FIDO that allow it to function as a physical second factor.

The expert assures that any option is good: it will always be better to have one than to have nothing. However, “Each of them has its own advantage and disadvantage.”.

“We use the one that best suits our needs, for example if you are a person who doesn’t pay attention to your cell phone, I suggest you use a token. If you lend your cell phone to your kids, if they can access those tokens, we really should be careful. The ideal is to use them correctly ”, she argues.

There is something quite important to remember, in this sense: SMS as a second factor is one of the most dangerous methods and preferred by those who hack WhatsApp accounts: while verifying by phone line, anyone who clones a line or a SIM card can enter the code received via sms and take control of the account.

“It’s best to enable authentication via an app (like Google or Microsoft Authenticator) on your phone. This is because companies that provide mobile phone services have serious vulnerability issues that allow maneuvers like the SIM exchange [robo de tarjeta SIM del celular para usarla en otro teléfono y acceder a nuestras cuentas] by a criminal. If they have access to our line, they have access to everything authenticated via that line number,” explains Jorge Litvin, a cybercrime and cybersecurity lawyer.

Password managers, allies against hacking

One of the recommended options for securing your accounts is to use a key manager. There are programs dedicated exclusively not only to storing passwords, but also to generating secure passwords, difficult to “crack” (i.e. guess).

“Ideally, we generate secure passwords, i.e. they have around 15 characters. These fonts have uppercase, lowercase, numbers and special symbols, and so on. So this can create challenges for users, because it becomes more difficult to remember these passwords due to this complexity,” he explains “There are other techniques as a passphrase, like: the name of a song, of a movie, but using uppercase, lowercase, special symbols,” he suggests, alternatively.

This is effective against called attacks “brute force”: “They can use computing power to crack those passwords in a matter of time and the longer and more complex we create the password obviously it will take longer for the attacker and many times it can take many, many years if we do it properly.”

Obviously it is very important to generate a strong master password, but also to have it two-factor authentication.

And finally, understand that there are no 100% safe methods – they all carry a risk.

“There have been very important cases like the one we just heard about a couple of weeks ago from LastPass, one of the most used key managers, who had a cybersecurity problem or incident, so when something like this happens, we have to change password and validate if this is the best service for us or we will look for a better alternative. In security, nothing is foolproof and we must abide by the risks”, he concludes.

SL