A threat actor posted an ad on a hacking community forum, claiming they were selling a 2022 database of 487 million WhatsApp user mobile numbers.
A threat actor posted an ad on a hacking community forum, claiming they were selling a 2022 database of 487 million WhatsApp user mobile numbers.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
While the leak of phone numbers associated with Whatsapp accounts sounds relatively harmless, this is valuable information to certain malicious actors, who could quite easily associate the numbers with the names and profiles of individuals and then use it for impersonation and phishing attacks.
Consider how prevalent email phishing remains, even with a huge amount of education and regular warnings about not trusting emails from unknown sources. Individuals are inherently even more trusting of messages they receive via apps like Whatsapp because they assume that they have given the person contacting them their number. With a little legwork, cybercriminals could easily trick high target individuals into thinking they are speaking to someone they know.
This demonstrates the importance of monitoring the dark web for data leaks, so you are aware of the latest risks and can take mitigating actions. Whatsapp is ubiquitously used around the world, including by politicians, celebrities, and company executives. They should be aware of this threat and be especially vigilant about approaches over Whatsapp and any other apps where the same number is used.