A recent YouTube video purports to show how hackers can take control of a Whatsapp account in order to read the victim’s messages and assume their identity. Although Whatsapp benefits from relatively secure end-to-end encryption, the problem of breaking that encryption is avoided by using SS7 messages to facilitate the creation of a bogus duplicate Whatsapp account, which then takes the place of the original. The video was made by Russian security firm Positive Technologies, who have also posted a blog explaining the techniques they use to take over Whatsapp and Telegram accounts. Watch below as they walk step-by-step through the hijacking of a Whatsapp account.
About the Author
Eric is a recognized expert on communications risk and assurance. He was Director of Risk Management for Qatar Telecom and has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and others. Eric was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He was a founding member of Qatar's National Committee for Internet Safety and the first leader of the TM Forum's Enterprise Risk Management team. Eric currently sits on the committee of the Risk & Assurance Group, and is an editorial advisor to Black Swan. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy. Commsrisk is edited by Eric. Look here for more about Eric's history as editor.