Hacker booty: The data of around 500 million WhatsApp users worldwide is currently being offered for sale on the dark web, around 6 million of them are from Germany. A comment by Victor Chebyshev, Lead Security Researcher at Kaspersky.
As the Cybernews portal published, the data of 500 million WhatsApp users is offered on the dark web. The data set allegedly contains WhatsApp user data from 84 countries. The threat actor claims it contains over 32 million US user credentials. The package should also contain the data from these countries: Egypt (45 million), Italy (35 million), Saudi Arabia (29 million), France (20 million), Turkey (20 million), Great Britain (11 million), Russia (10 million), Germany (6 million). The threat actor explained in chat to cybernewsthat he is selling the US record for $7.000, the UK record for $2.500 and the German record for $2.000.
Germany with 6 million accounts
“A database of up-to-date cell phone numbers from (allegedly) nearly 500 million WhatsApp users has been leaked and is currently being put up for sale. The seller claims to offer phone numbers of users from 84 countries. This is worrying, because once this type of data falls into the wrong hands, scammers can launch all sorts of attacks, from spam calls to voice phishing.
WhatsApp a little less secure
This also poses enormous data protection risks: the telephone number of a potential victim increases the chance of a successful attack for cybercriminals considerably, since most online services often require the telephone number to be entered in addition to personal data such as name, e-mail address or card details. Doxing, cyberbullying or extortion are other potential cyber threats that those affected could be exposed to.”
Kaspersky Consumer Security Advice
- Configure the data protection in the WhatsApp settings so that your own data can only be viewed by contacts in your own contact list.
- Be careful with calls and messages from unknown numbers.
- Enable two-factor authentication if it's not already enabled to prevent cybercriminals from using the number for malicious purposes.
- Never click on suspicious links in messages as malicious files may be attached or redirect to deceptive resources.