Changpeng Zhao, CEO of Binance, revealed in a tweet that 487 million additional WhatsApp phone numbers would be put up for auction.
A new set of 487 million WhatsApp phone numbers for sales in the Dark Web. A sample indicates the phone numbers are legit. Please stay vigilant as threat actors downstream will use this data to conduct smishing (phishing messages) campaigns. Stay SAFU. 🙏 pic.twitter.com/ZuDVXlzz4F
— CZ 🔶 Binance (@cz_binance) November 27, 2022
Data Breach on WhatsApp
He had samples that demonstrated the validity of the phone numbers. He urged people to use cautious since threat actors down the line will utilize this data to conduct smishing (phishing) operations.
On November 16, a fake post on a well-known hackers' forum claimed to be giving a 2022 database of 487 million WhatsApp subscriber mobile numbers.
Information about WhatsApp users from 84 different countries is contained in the package. The threat actor claims that there are more than 32 million US user records. Egypt has 45 million phone users, Italy has 35 million, Saudi Arabia has 29 million, France has 20 million, and Turkey has 10 million (20 million).
According to reports, the database for auction includes around 11 million UK phone numbers and almost 10 million Russian phone numbers. The malicious attackers claimed that they demanded $7,000, $2,500, and $2,000 for the raw data from the US, UK, and Germany, respectively.
Validated Data
Because criminals regularly use this information for smishing and phishing attempts, we encourage people to be wary of any calls from ominous numbers, uninvited calls, and messages. According to statistics, WhatsApp is used by more than two billion people each month.
Cybernews researchers were given access to a sample of the data by the company that supplies WhatsApp's database upon request. 817 US user numbers and 1097 UK user numbers were included in the shared sample.
Every single number in the sample was found to be a WhatsApp user after a thorough investigation by Cybernews.
Meta Ought to Exercise Greater Caution
All of the numbers in the sample, according to the hackers, are active WhatsApp users. They did not say how they got the database, only that they "used their approach to acquiring the information," without going into further detail.
Cybernews contacted Meta, WhatsApp's parent company, but received no clear response. Scalable data gathering, or "scraping," might be used to obtain user information for WhatsApp, which is against the terms of service.
This claim is purely hypothetical. However, enormous data dumps that are often published online have been obtained by scraping.
The site Meta meta, which has long been criticized for allowing third parties to scrape or obtain user information, revealed over 533 million user records on a dark forum. In essence, the offender was divulging the information.
A well-known hacker website advertised an archive purportedly containing data scraped from 500 million LinkedIn profiles days after news of a significant Facebook data breach broke.
