Your personal cyber security and anti-hacking news

What To Do If Your WhatsApp Account Gets Hacked? – LogDog

by: Omri Toppol
what to do if you end up with your WhatsApp account Hacked

A giant WhatsApp hack that could easily infect your computer with malware is making headlines right now, but the first thing you should do about it is RELAX!

If your WhatsApp account was hacked, there’s a good chance your email was too…

Start by checking if your email account has been hacked – because most hacks start within your email.

Do it using this free tool to find and help you remove exposed passwords, credit cards, bank and social security numbers in your email account, and keeping you safe.

The tool will keep you safe by removing any and all private data putting you at risk for credit card and identity theft. So if hackers hack your inbox, they won’t find what they’re looking for, and you’ll be protected.

A few things that’s good to know…

The cybersecurity firm Check Point published an article about a massive vulnerability in the WhatsApp Web service that could have potentially affected each and every one of the service’s hundreds of millions of users. (Scary! But keep reading.)

In late August 2015, Check Point researcher Kasif Dekel discovered the “MaliciousCard” vulnerability through which attackers could easily infect victims’ computers with any malicious code they wanted—Trojan Horses, ransomware, spyware. You name it, they could get it onto your machine.

How? WhatsApp Web is the web-based version of the massively popular messaging app WhatsApp.

It allows users to chat with each other via a website instead of only through their phones. The service automatically syncs with your phone so you can see all messages on both your phone and computer.

Typically, when we share contacts with one another using our smartphones, we do so through vCards.

Check Point’s Dekel managed to masquerade malicious code as a vCard and send it via WhatsApp. The web application assumed that the file being sent through it is safe, so it allowed recipients to activate it. Receive a contact. Click it. Download it. BAM! That’s all it took for attackers to infect victims’ computers.

Once they ran the executable files, the malicious software in the vCard would get installed and the machine would become infected.

To make matters worse, according to Check Point, “to target an individual, all an attacker needs is the phone number associated with the account.”

But wait, there’s good news!

Unlike some companies that take forever to roll out a fix for these types of vulnerabilities, WhatsApp was impressively quick to act. They rolled out a fix a mere six days after Check Point informed them of the issue. Bravo, WhatsApp!

You can go back to breathing normally now.

WhatsApp Hacked! How To Protect Yourself

But wait, should I still worry?

The “MaliciousCard” vulnerability needs you to specifically open a shared vCard on your computer. So if you haven’t done that, you’ve got no reason to worry. (Commence jump for joy!)

If you did receive a vCard through WhatsApp Web and it contained the info of the contact you expected or asked for, you can also take a moment to breathe a deep sigh of relief.

BUT, if you’re one of the (hopefully few) people who received and activated a vCard that appeared to contain no contact details, it would make sense for your palms to be getting a little sweaty right now.

If they are, the thing to do is to get an antivirus for your computer and run a scan ASAP to rid your device of any malware that may be on it. Don’t worry, you can get an antivirus for free.

What can I do to protect myself?

I’m glad you asked, because that’s the key question to ask any time we learn about these types of major vulnerabilities—especially ones affecting services everyone and their grandmother uses.

But no one wants their WhatsApp account hacked. So what should you do?

In this case, keeping yourself protected is pretty simple. Just make sure you’re using the latest version of the app, and clear the cache on your computer’s browser (here’s how).

Also, once you re-open WhatsApp Web, log in using the mobile app. By clearing the cache, you force the browser to re-download the most recent version of WhatsApp Web.

So WhatsApp can be hacked. What can we learn from this?

So far, WhatsApp and WhatsApp Web have been considered pretty “safe.” But what this event teaches us is that even “safe” environments can contain vulnerabilities that talented hackers can exploit. “MaliciousCode” proves that WhatsApp can be hacked!

With this in mind, it’s always best to follow good, basic security behavior (like not opening a vCard from a number you don’t recognize).Whatever device you’re using, you should never trust or open attachments from unknown sources.

Sadly, today’s Internet is a dangerous place and everyday users need to know how to be smart about what they’re doing online.

Always be on the lookout for suspicious activity—whether it’s a call from an unknown number, an attachment from an unsolicited email, or a seemingly innocent vCard.

Written by  Omri Toppol

Omri is LogDog's marketing guy. He is passionate about technology, digital marketing and helping online users to stay safe and secure

« | »

Other Posts

Get Protected

Enter your email and receive security updates * 100% privacy guaranteed, we will never spam you.