When you’re hacked on WhatsApp



Sisyphus had it easy compared to police officers who are tasked with investigating who might have compromised your WhatsApp account. The mythical Greek was condemned to eternally rolling a boulder up a hill, only to watch it roll back down again. But he never had to carry out a formal inquiry into a cyberattack.

This is something I discovered earlier this month at the Brooklyn police station in Tshwane, where I went to open a criminal case against an unknown person who had hacked my WhatsApp account.

“Sorry sesi, you say your WhatsApp has been stolen?” was the first question asked by the confused officer taking my statement. This was followed by numerous other questions from officers at the police station who had to decide exactly what crime had been committed.

My Sisyphus-like saga started when a friend alerted me on Instagram that she had received a suspicious text from my WhatsApp account that read: “Pls brw m money i will gv u tommorow. Pls i need it now i will coll u wen i’m free cos i cnt tlk wit a cell phn now. Pls col dis guy he will tell u ma problem. Constable mabhena. Pls coll him now.”

This was followed by numerous other texts and phone calls from family and friends who had received similar messages from my account. One friend, deeply concerned, phoned the number “Mabhena” provided and was told I had requested that he get R3  000 for bail on my behalf because I could not come to the phone. He provided details of an FNB ewallet into which she could transfer the money, which she duly did.

What to do next was the question I had to grapple with. I started by contacting my service provider telephonically to conduct a SIM swop in an attempt to block the number to prevent any more messages from being sent. That failed.

I was told by the provider’s call centre agent that even if I were to replace my SIM card, it would not help in this case because WhatsApp is a third-party application.

What came next was a long four hours spent trying to contact WhatsApp by email with a request to delete my account forever. I received automated replies acknow-ledging my request but these were of no use to me at the time.

I then uninstalled and reinstalled the app on my device, hoping that another verification code would be sent. But then the app opened a countdown to when the next verification code would arrive — in two hours. I was able to retrieve the account only eight hours after I was alerted to the issue, when WhatsApp finally sent a verification code.

But how was I hacked? The hijacking of my phone followed the hack of Facebook-owned WhatsApp in May, when sophisticated spyware was installed on an unknown number of smartphones, as reported by the Financial Times. The spyware, developed by Israel’s NSO Group, allowed attackers to target users through the WhatsApp voice-call feature.

At the time WhatsApp did not indicate how many of its 1.5-billion users had been affected by the hack but encouraged users to update their apps to the latest version.

In my case, the hacker appears to have been able to use the spyware to gain access to the verification code, firstly via an SMS and then through voicemail, both of which I received on the day of the hack. The code was then used to access WhatsApp using my number but on another smartphone, leaving me without control of the account.

The police advised me to open a case of fraud against the attacker. My friend’s good deed was thankfully reversed when she instructed her bank of the fraud.

Senior lecturer at the Wits School of Law Verine Etsebeth says that in the case of a data breach “it is very hard to identify and trace the hacker and even if you succeed, the chances are he is a teenager sitting on the other side of the world. In other words, jurisdiction will become a very complex and costly problem.”

Hawks spokesperson Hangwani Mulaudzi said officers undergo international training that focuses on “digital forensics and investigative methodology”. Hopefully this training will keep the boulder of cyber-attacks at the top of the hill.

Asked to comment, WhatsApp said it “can’t provide information about who accessed the account or the time and location it was accessed”.

The police have come with a case number, but that’s all. And yes, I’m still using WhatsApp.

Thando Maeko is an Adamela Trust business reporter at the Mail & Guardian

Subscribe to the M&G

These are unprecedented times, and the role of media to tell and record the story of South Africa as it develops is more important than ever.

The Mail & Guardian is a proud news publisher with roots stretching back 35 years, and we’ve survived right from day one thanks to the support of readers who value fiercely independent journalism that is beholden to no-one. To help us continue for another 35 future years with the same proud values, please consider taking out a subscription.

Thando Maeko
Thando Maeko is an Adamela Trust business reporter at the Mail & Guardian

Related stories

A colossus with feet of clay

South Africa is disproportionately targeted by cybercriminals. Digital attacks call for digital solutions and technology is a the prime weapon in this fight

The president, the preacher and the great escape

Malawi’s new president was furious after Shepherd Bushiri’s dramatic disappearance from South Africa

Patel: South Africa on target to attract R1.2-trillion in investments

The trade minister says the country is on track to reach more than R1-trillion worth of investments over five years, despite Covid-19 disruptions

South Africa must revisit and refresh its idea of itself

Covid has propelled citizens into feelings of a new shared identity in which the historical force of ‘whiteness’ is fading into irrelevance

Institutions of higher learning should commemorate their casualties

The bust of Matikweni Nkuna at Tshwane University of Technology is an example of how we should honour those who fought for equal access to education

Seals abort pups in mass die-off

There are a number of factors — a pollutant, virus or bacteria or malnutrition — that may have caused the 12 000 deaths on Namibia’s coast.

Subscribers only

Covid-19 surges in the Eastern Cape

With people queuing for services, no water, lax enforcement of mask rules and plenty of partying, the virus is flourishing once again, and a quarter of the growth is in the Eastern Cape

Ace prepares ANC branches for battle

ANC secretary general Ace Magashule is ignoring party policy on corruption-charged officials and taking his battle to branch level, where his ‘slate capture’ strategy is expected to leave Ramaphosa on the ropes

More top stories

Journey through anxious Joburg

A new book has collected writing about the condition of living, yes, with a high crime rate, but also other, more pervasive existential urban stresses particular to the Global South

Football legend Maradona dies

The Argentinian icon died at his home on Wednesday, two weeks after having surgery on a blood clot in his brain

Covid vaccines: Hope balanced with caution

As Covid vaccines near the manufacturing stage, a look at two polio vaccines provides valuable historical insights

Under cover of Covid, Uganda targets LGBTQ+ shelter

Pandemic rules were used to justify a violent raid on a homeless shelter in Uganda, but a group of victims is pursuing a criminal case against the perpetrators

press releases

Loading latest Press Releases…