On November 16th, 2022, a threat actor going by the aliases “Palm Yunn” and “Agency123456” made a remarkable post on a popular hacking forum. The post claimed to be selling nearly 500 million phone numbers that were active on the instant messaging mobile app WhatsApp.
Some of the facts and figures about this alleged WhatsApp leak include:
The poster claims to have information on WhatsApp users from 84 different countries, including more than 30 million records of users in the United States.
Egypt (45 million numbers) and Italy (34 million numbers) are the countries hardest hit by the leak.
The data set of U.S. phone numbers costs $7,000, while the British and German numbers cost $2,500 and $2,000, respectively.
This WhatsApp leak comes in the wake of other massive alleged data breaches this year. In October 2022, for example, hackers claimed they had the personal data of 1.5 billion Facebook users, which they briefly attempted to sell on the Dark Web.
What is Web Scraping?
So how were the threat actors able to steal so many WhatsApp numbers? Did they find vulnerabilities in the system and discover how to hack into it? The answer is almost certainly no.
In the samples of phone numbers shared by the WhatsApp hackers, there was no mention of any user data except numbers. This is a strong indication that they were able to simply scrape the information.
Web scraping is the practice of using programs to gather large quantities of information and material from websites automatically. The scraped data is usually in a file format such as HTML, XML, or JSON. This raw input is sent to another application to be processed, cleansed, and transformed for easier analysis.
It’s important to note that scraping data isn’t always malicious: it can be used for benevolent purposes too, such as research. In this recent WhatsApp leak, however, scraping is clearly being used for illegal purposes in a clear violation of the platform’s terms of service.
Should I Be Worried About the WhatsApp Leak?
You might wonder, “Should I be worried about the November 2022 WhatsApp data breach?” Given the sheer size of the alleged records and the hefty fee charged by the hackers, it’s difficult to verify whether or not this leak has exposed any single person’s WhatsApp number. However, because no email addresses, names, or other personally identifiable information seem to have been included in the breach, we rank this as a low risk based on our current knowledge of the leak.
In general, you can protect your WhatsApp account through methods such as:
Ignoring links that seem suspicious or that were sent by an unknown number. Accessing these links can alert scammers that your number is active.
Using two-factor and multi-factor authentication wherever possible.
Creating strong passwords for your online accounts with a secure service, like our free password manager FYEO Identity.
Despite the risks involved, threat actors will continue to attack people and businesses as long as they stand to reap a financial reward. Anyone concerned about cybersecurity should take strict measures to reduce these kinds of threats. To learn more, check out FYEO’s suite of cybersecurity and threat intelligence solutions today.