Watch Hackers Using SS7 to Hijack Whatsapp

A recent YouTube video purports to show how hackers can take control of a Whatsapp account in order to read the victim’s messages and assume their identity. Although Whatsapp benefits from relatively secure end-to-end encryption, the problem of breaking that encryption is avoided by using SS7 messages to facilitate the creation of a bogus duplicate Whatsapp account, which then takes the place of the original. The video was made by Russian security firm Positive Technologies, who have also posted a blog explaining the techniques they use to take over Whatsapp and Telegram accounts. Watch below as they walk step-by-step through the hijacking of a Whatsapp account.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.