Binance CEO Changpeng Zhao revealed in a tweet that another 487 million WhatsApp phone numbers would be auctioned on the Dark Web.
The WhatsApp Data Leak
The samples he had, showed that the phone numbers were authentic. He cautioned individuals to exercise caution since threat actors downstream will use this information to run smishing (phishing) activities.
An impostor claimed to be offering a 2022 database of 487 million WhatsApp user mobile numbers in an advertisement posted on a well-known hackers’ community site on November 16.
The file includes information on WhatsApp users from 84 different nations. More than 32 million US user records, according to the threat actor. Approximately 45 million people in Egypt, 35 million in Italy, 29 million in Saudi Arabia, 20 million in France, and 10 million in Turkey are phone users (20 million).
Approximately 10 million Russian and over 11 million UK phone numbers are reportedly included in the database for auction. According to the malicious attackers, they asked $7,000, $2,500, and $2,000 for the US, UK, and German raw data, respectively.
We advise individuals to be aware of any calls from unknown numbers, unwanted calls, and messages because criminals frequently utilize this information for smishing and phishing attempts. Over two billion people use WhatsApp every month, according to reports.
The supplier of WhatsApp’s database granted Cybernews researchers access to a sample of the data upon request. The shared sample included 817 US user numbers and 1097 UK user numbers.
Cybernews looked into every number in the sample and determined that every single one is a WhatsApp user.
Meta should be more cautious.
According to the hackers, all the numbers in the sample are active WhatsApp users. They did not clarify how they acquired the database but said they ‘applied their approach to gathering the information.
When Cybernews contacted Meta, the parent company of WhatsApp, there was no clear answer. Scalable data collection, commonly known as scraping, could be used to get user data for WhatsApp, which is against the service agreement.
This assertion is entirely theoretical. However, massive data dumps published online frequently have been acquired by scraping.
Over 533 million user records were exposed on a dark forum by Meta itself, a service that has long been criticized for allowing outside parties to scrape or acquire user information. The perpetrator was essentially giving away the data.
Days after a significant Facebook data breach made news, an archive supposedly containing information scraped from 500 million LinkedIn profiles was listed for sale on a well-known hacker site.