In mid of November, a cyber threat actor claimed on a dark web forum to have stolen the personal credentials of around 500 million WhatsApp users. Following the incident, Check Point Research (CPR) published a new advisory in which they analyzed the leaked files including 360 million phone numbers from 108 countries.
However, data coming from each country show a different ratio of exposed data, ranging from 604 in Bosnia and Herzegovina to 35 million attributed to Italy. Additionally, in the initial days of the hack, the hackers set files for sale which included international dial codes, however, now the same data is being distributed free of cost amongst hackers.
The hack first was exposed on 16th November in a message published by the cyber threat actor on the hacking forum named BreachForums.
“While the information on sale does not expose the content of any messages themselves, it is still worrying to see such a large volume of phone numbers for sale on the Dark Web. There is the potential that this information could be used as part of tailored phishing attacks in the future,” Deryck Mitchelson, field CISO of EMEA at CPR said.
Once the threat actors get the access to phone numbers of users and then sell the same, attacks such as smishing or vishing are likely to follow.
“The WhatsApp ‘leak’ is nothing more than phone numbers obtained from the Facebook ‘leak’ that took place in 2019. The sample of 5000 WhatsApp data records from Poland is identical to those we already saw in 2019,” Paciorek claimed.
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: