Ask HN: Hackers locked my dad out of WhatsApp – need advice

by uj8efdkjfdshfon 12/20/2020, 12:58:43 AM with 4 comments
  • by philtaron 12/20/2020, 4:03:07 AM

    I emailed whatsapp about this a while back and they said it was a non-issue.

    How this happens:

    1. Hacker adds phone number to their own whatsapp. They do this to thousands/tens of thousands of phone numbers.

    2. All of those phone numbers receive an SMS with the OTP to activate whatsapp. In that OTP, there's also a link that will activate whatsapp if you click it. "Enter code XXXXXX or click this link to activate whatsapp on your new phone"

    3. Someone, somewhere eventually clicks that link.

    4. Hackers take whatsapp account. Add two-factor authentication to it so that you can't take it back by reauthenticating normally.

    5. Extortion.

    People usually get it back by contacting whatsapp.

  • by shail_officialon 12/21/2020, 6:58:02 PM

    Please reach out to the product security team at Facebook.

  • by tsjqon 12/20/2020, 1:00:51 AM

    Is his sim card working, or have they done a sim swap attack?

  • by tuxon 12/20/2020, 9:49:08 AM

    Stop using WhatsApp :) If WhatsApp can't protect your account well, better not use it at all. There are many alternatives today. https://lifehacker.com/the-best-whatsapp-alternatives-183206...