When you’re hacked on WhatsApp



Sisyphus had it easy compared to police officers who are tasked with investigating who might have compromised your WhatsApp account. The mythical Greek was condemned to eternally rolling a boulder up a hill, only to watch it roll back down again. But he never had to carry out a formal inquiry into a cyberattack.

This is something I discovered earlier this month at the Brooklyn police station in Tshwane, where I went to open a criminal case against an unknown person who had hacked my WhatsApp account.

“Sorry sesi, you say your WhatsApp has been stolen?” was the first question asked by the confused officer taking my statement. This was followed by numerous other questions from officers at the police station who had to decide exactly what crime had been committed.

My Sisyphus-like saga started when a friend alerted me on Instagram that she had received a suspicious text from my WhatsApp account that read: “Pls brw m money i will gv u tommorow. Pls i need it now i will coll u wen i’m free cos i cnt tlk wit a cell phn now. Pls col dis guy he will tell u ma problem. Constable mabhena. Pls coll him now.”

This was followed by numerous other texts and phone calls from family and friends who had received similar messages from my account. One friend, deeply concerned, phoned the number “Mabhena” provided and was told I had requested that he get R3  000 for bail on my behalf because I could not come to the phone. He provided details of an FNB ewallet into which she could transfer the money, which she duly did.

What to do next was the question I had to grapple with. I started by contacting my service provider telephonically to conduct a SIM swop in an attempt to block the number to prevent any more messages from being sent. That failed.

I was told by the provider’s call centre agent that even if I were to replace my SIM card, it would not help in this case because WhatsApp is a third-party application.

What came next was a long four hours spent trying to contact WhatsApp by email with a request to delete my account forever. I received automated replies acknow-ledging my request but these were of no use to me at the time.

I then uninstalled and reinstalled the app on my device, hoping that another verification code would be sent. But then the app opened a countdown to when the next verification code would arrive — in two hours. I was able to retrieve the account only eight hours after I was alerted to the issue, when WhatsApp finally sent a verification code.

But how was I hacked? The hijacking of my phone followed the hack of Facebook-owned WhatsApp in May, when sophisticated spyware was installed on an unknown number of smartphones, as reported by the Financial Times. The spyware, developed by Israel’s NSO Group, allowed attackers to target users through the WhatsApp voice-call feature.

At the time WhatsApp did not indicate how many of its 1.5-billion users had been affected by the hack but encouraged users to update their apps to the latest version.

In my case, the hacker appears to have been able to use the spyware to gain access to the verification code, firstly via an SMS and then through voicemail, both of which I received on the day of the hack. The code was then used to access WhatsApp using my number but on another smartphone, leaving me without control of the account.

The police advised me to open a case of fraud against the attacker. My friend’s good deed was thankfully reversed when she instructed her bank of the fraud.

Senior lecturer at the Wits School of Law Verine Etsebeth says that in the case of a data breach “it is very hard to identify and trace the hacker and even if you succeed, the chances are he is a teenager sitting on the other side of the world. In other words, jurisdiction will become a very complex and costly problem.”

Hawks spokesperson Hangwani Mulaudzi said officers undergo international training that focuses on “digital forensics and investigative methodology”. Hopefully this training will keep the boulder of cyber-attacks at the top of the hill.

Asked to comment, WhatsApp said it “can’t provide information about who accessed the account or the time and location it was accessed”.

The police have come with a case number, but that’s all. And yes, I’m still using WhatsApp.

Thando Maeko is an Adamela Trust business reporter at the Mail & Guardian

Subscribe to the M&G

These are unprecedented times, and the role of media to tell and record the story of South Africa as it develops is more important than ever.

The Mail & Guardian is a proud news publisher with roots stretching back 35 years, and we’ve survived right from day one thanks to the support of readers who value fiercely independent journalism that is beholden to no-one. To help us continue for another 35 future years with the same proud values, please consider taking out a subscription.

Thando Maeko
Thando Maeko is an Adamela Trust business reporter at the Mail & Guardian

Related stories


Subscribers only

Pandemic cripples learners’ futures

South African schools have yet to open for the 2021 academic year and experts are sounding the alarm over lost learning time, especially in the crucial grades one and 12

Q&A Sessions: George Euvrard, the brains behind our cryptic crossword

George Euvrard spoke to Athandiwe Saba about his passion for education, clues on how to solve his crosswords and the importance of celebrating South Africa.

More top stories

Power shift at Luthuli House

Ace Magashule’s move to distance himself from Carl Niehaus signals a rebalancing of influence and authority at the top of the ANC

Trump slinks off world stage, leaving others to put out...

What his supporters and assorted right-wingers will do now in a climate that is less friendly to them is anyone’s guess

The US once again has something  Africa wants: competent leaders

Africa must use its best minds to negotiate a mutually beneficial economic relationship

Stern warning against Covid greets Mthembu’s death

The ANC has slammed conspiracy theorists and cautioned against showing complacency towards the deadly virus

press releases

Loading latest Press Releases…