
When you’re hacked on WhatsApp



Sisyphus had it easy compared to police officers who are tasked with investigating who might have compromised your WhatsApp account. The mythical Greek was condemned to eternally rolling a boulder up a hill, only to watch it roll back down again. But he never had to carry out a formal inquiry into a cyberattack.

This is something I discovered earlier this month at the Brooklyn police station in Tshwane, where I went to open a criminal case against an unknown person who had hacked my WhatsApp account.

“Sorry sesi, you say your WhatsApp has been stolen?” was the first question asked by the confused officer taking my statement. This was followed by numerous other questions from officers at the police station who had to decide exactly what crime had been committed.

My Sisyphus-like saga started when a friend alerted me on Instagram that she had received a suspicious text from my WhatsApp account that read: “Pls brw m money i will gv u tommorow. Pls i need it now i will coll u wen i’m free cos i cnt tlk wit a cell phn now. Pls col dis guy he will tell u ma problem. Constable mabhena. Pls coll him now.”

This was followed by numerous other texts and phone calls from family and friends who had received similar messages from my account. One friend, deeply concerned, phoned the number “Mabhena” provided and was told I had requested that he get R3 000 for bail on my behalf because I could not come to the phone. He provided details of an FNB ewallet into which she could transfer the money, which she duly did.

What to do next was the question I had to grapple with. I started by contacting my service provider telephonically to conduct a SIM swop in an attempt to block the number to prevent any more messages from being sent. That failed.

I was told by the provider’s call centre agent that even if I were to replace my SIM card, it would not help in this case because WhatsApp is a third-party application.

What came next was a long four hours spent trying to contact WhatsApp by email with a request to delete my account forever. I received automated replies acknowledging my request but these were of no use to me at the time.

I then uninstalled and reinstalled the app on my device, hoping that another verification code would be sent. But then the app opened a countdown to when the next verification code would arrive — in two hours. I was able to retrieve the account only eight hours after I was alerted to the issue, when WhatsApp finally sent a verification code.

But how was I hacked? The hijacking of my phone followed the hack of Facebook-owned WhatsApp in May, when sophisticated spyware was installed on an unknown number of smartphones, as reported by the Financial Times. The spyware, developed by Israel’s NSO Group, allowed attackers to target users through the WhatsApp voice-call feature.

At the time WhatsApp did not indicate how many of its 1.5-billion users had been affected by the hack but encouraged users to update their apps to the latest version.

In my case, the hacker appears to have been able to use the spyware to gain access to the verification code, firstly via an SMS and then through voicemail, both of which I received on the day of the hack. The code was then used to access WhatsApp using my number but on another smartphone, leaving me without control of the account.

The police advised me to open a case of fraud against the attacker. My friend’s good deed was thankfully reversed when she instructed her bank of the fraud.

Senior lecturer at the Wits School of Law Verine Etsebeth says that in the case of a data breach “it is very hard to identify and trace the hacker and even if you succeed, the chances are he is a teenager sitting on the other side of the world. In other words, jurisdiction will become a very complex and costly problem.”

Hawks spokesperson Hangwani Mulaudzi said officers undergo international training that focuses on “digital forensics and investigative methodology”. Hopefully this training will keep the boulder of cyber-attacks at the top of the hill.

Asked to comment, WhatsApp said it “can’t provide information about who accessed the account or the time and location it was accessed”.

The police have come with a case number, but that’s all. And yes, I’m still using WhatsApp.

Thando Maeko is an Adamela Trust business reporter at the Mail & Guardian
