contador web Saltar al contenido

QRLjacking: Understand WhatsApp Account Hijacking by QR Code | Security

A new scam exploits a weakness in the QR Code access system to hijack accounts using this type of authentication, such as WhatsApp Web. Hackers have developed a tool that runs QRLjacking, a technique that can clone QR codes to capture user credentials. you want to sign in to. The hacker only needs to convince the target to use their cell phone to scan the cloned image on a fake website. When the strategy is successful, the criminal gains access to the full history of casualty conversations without arousing suspicion. Get details of the scam that threatens WhatsApp users and know how to protect yourself.

WhatsApp scam wears America's Cup and promises free Nike shirt

QR Code exploit could hit WhatsApp Web users Photo: TechTudoQR Code exploit could hit WhatsApp Web users Photo: TechTudo

QR Code exploit could hit WhatsApp Web users Photo: TechTudo

Want to buy a cell phone, TV and other discounted products? Meet the Compare TechTudo

The technique of QRLjacking is to clone the original QR code displayed at login time. In the case of WhatsApp, the hacker may display the QR code on its own page, specially modified to intercept the authentication sent by the application when scanning with the mobile phone to use WhatsApp Web or WhatsApp Desktop.

With the login information, the criminal can access the victim's account on another device and start poking around. The invasion does not prevent the victim to continue using WhatsApp normally on the phone, making the attack more difficult to discover.

The next step is to monetize the invasion, either by using private conversation information to extort the victim or by targeting credit card numbers and other user-shared bank data with trusted contacts without knowing that there is any lurking.

The scam is only likely to work if the user scans a WhatsApp QR code on unofficial channels. For example, you may come across fake pages that mimic WhatsApp Web or sites that promise flashy awards to encourage a potential victim to enter WhatsApp and scan the code that appears on the page. The code works because it is the result of cloning performed by the hacker. The fake page is responsible for intercepting the login.

The method draws attention because it does not require in-depth knowledge to be applied. In theory, I just need to download a program made available by hackers from the internet to clone QR codes. Then simply create a flashy page and lurk in a public network, looking for potential victims. The case has more phishing features than a sophisticated hacker attack.

The simplest way to not be a victim is to never log in to WhatsApp on suspicious websites. The recommendation is to always access via WhatsApp Web (web.whatsapp) or WhatsApp Desktop, available from the Microsoft Microsoft Store and the macOS Mac App Store.

In order not to fall into the trap of fake websites, it is also important to avoid logging in to WhatsApp Web over public Wi-Fi connections. The hacker must be on the same network as the victim to deliver the scam, increasing the chances of such a danger residing in places where there is free internet access for visitors.

In case of suspicion, check if there is HTTPS connection on WhatsApp Web (the officer always has) and check the address spelling to make sure that the computer is accessing the authentic page.

Via ESET and INFOSEC Institute

WhatsApp: Five Tips for Using the App Safely

WhatsApp: Five Tips for Using the App Safely