WhatsApp sent me a verification code but I did not request it.
It could be someone mistake, but such situation creates panic. In the first impulse I attempted to verify my account - number of connected devices - and disable all except one I am using now, but quickly found I think Telegram, there is nothing similar in WhatsApp!
Quick Web search brings many results. This one is not really hacking, but interestig one:
http://techviral.com/use-whatsapp-without-any-number/
Here is a serious threat:
http://gizmostorm.com/how-to-spy-on-someone-else-whatsapp-account-from-your-android/
It looks like WhatsApp account cloning was known for couple years already. Tenagers could do it. What about government and industry spies? They already have MAC address of my phone, as all these details ae stored for warranty purpose, government don't need Court order to access these details. MAC address can be captured on WiFi connection as well. They can also read my WhatsApp confirmation code (all SMS's are transmitted in open text and stored on ISP servers).
How encryption affect account cloning? WhatsApp is using first grade encryption (not a home-made), but it looks like it doesn't change anything, as encryption key is shared between cloned devices. Newer posts:
http://techviral.com/hack-whatsapp-account/
http://www.hugestreet.info/2015/06/spy-anyones-WhatsApp-account.html
It is important to note that once account is cloned, all past chats/messages can be read by hackers and intrusion remains undetected. In Telegram (secure chats) encryption key is changing regularly (maximum 2 weeks), so any security breach affects only very recent conversation. As only one configured device is able to receive a message, any intrusion will be noticed because of lost messages.
It could be someone mistake, but such situation creates panic. In the first impulse I attempted to verify my account - number of connected devices - and disable all except one I am using now, but quickly found I think Telegram, there is nothing similar in WhatsApp!
Quick Web search brings many results. This one is not really hacking, but interestig one:
http://techviral.com/use-whatsapp-without-any-number/
Here is a serious threat:
http://gizmostorm.com/how-to-spy-on-someone-else-whatsapp-account-from-your-android/
It looks like WhatsApp account cloning was known for couple years already. Tenagers could do it. What about government and industry spies? They already have MAC address of my phone, as all these details ae stored for warranty purpose, government don't need Court order to access these details. MAC address can be captured on WiFi connection as well. They can also read my WhatsApp confirmation code (all SMS's are transmitted in open text and stored on ISP servers).
How encryption affect account cloning? WhatsApp is using first grade encryption (not a home-made), but it looks like it doesn't change anything, as encryption key is shared between cloned devices. Newer posts:
http://techviral.com/hack-whatsapp-account/
http://www.hugestreet.info/2015/06/spy-anyones-WhatsApp-account.html
It is important to note that once account is cloned, all past chats/messages can be read by hackers and intrusion remains undetected. In Telegram (secure chats) encryption key is changing regularly (maximum 2 weeks), so any security breach affects only very recent conversation. As only one configured device is able to receive a message, any intrusion will be noticed because of lost messages.
Last edited: