When you’re hacked on WhatsApp



Sisyphus had it easy compared to police officers who are tasked with investigating who might have compromised your WhatsApp account. The mythical Greek was condemned to eternally rolling a boulder up a hill, only to watch it roll back down again. But he never had to carry out a formal inquiry into a cyberattack.

This is something I discovered earlier this month at the Brooklyn police station in Tshwane, where I went to open a criminal case against an unknown person who had hacked my WhatsApp account.

“Sorry sesi, you say your WhatsApp has been stolen?” was the first question asked by the confused officer taking my statement. This was followed by numerous other questions from officers at the police station who had to decide exactly what crime had been committed.

My Sisyphus-like saga started when a friend alerted me on Instagram that she had received a suspicious text from my WhatsApp account that read: “Pls brw m money i will gv u tommorow. Pls i need it now i will coll u wen i’m free cos i cnt tlk wit a cell phn now. Pls col dis guy he will tell u ma problem. Constable mabhena. Pls coll him now.”

This was followed by numerous other texts and phone calls from family and friends who had received similar messages from my account. One friend, deeply concerned, phoned the number “Mabhena” provided and was told I had requested that he get R3  000 for bail on my behalf because I could not come to the phone. He provided details of an FNB ewallet into which she could transfer the money, which she duly did.

What to do next was the question I had to grapple with. I started by contacting my service provider telephonically to conduct a SIM swop in an attempt to block the number to prevent any more messages from being sent. That failed.

I was told by the provider’s call centre agent that even if I were to replace my SIM card, it would not help in this case because WhatsApp is a third-party application.

What came next was a long four hours spent trying to contact WhatsApp by email with a request to delete my account forever. I received automated replies acknow-ledging my request but these were of no use to me at the time.

I then uninstalled and reinstalled the app on my device, hoping that another verification code would be sent. But then the app opened a countdown to when the next verification code would arrive — in two hours. I was able to retrieve the account only eight hours after I was alerted to the issue, when WhatsApp finally sent a verification code.

But how was I hacked? The hijacking of my phone followed the hack of Facebook-owned WhatsApp in May, when sophisticated spyware was installed on an unknown number of smartphones, as reported by the Financial Times. The spyware, developed by Israel’s NSO Group, allowed attackers to target users through the WhatsApp voice-call feature.

At the time WhatsApp did not indicate how many of its 1.5-billion users had been affected by the hack but encouraged users to update their apps to the latest version.

In my case, the hacker appears to have been able to use the spyware to gain access to the verification code, firstly via an SMS and then through voicemail, both of which I received on the day of the hack. The code was then used to access WhatsApp using my number but on another smartphone, leaving me without control of the account.

The police advised me to open a case of fraud against the attacker. My friend’s good deed was thankfully reversed when she instructed her bank of the fraud.

Senior lecturer at the Wits School of Law Verine Etsebeth says that in the case of a data breach “it is very hard to identify and trace the hacker and even if you succeed, the chances are he is a teenager sitting on the other side of the world. In other words, jurisdiction will become a very complex and costly problem.”

Hawks spokesperson Hangwani Mulaudzi said officers undergo international training that focuses on “digital forensics and investigative methodology”. Hopefully this training will keep the boulder of cyber-attacks at the top of the hill.

Asked to comment, WhatsApp said it “can’t provide information about who accessed the account or the time and location it was accessed”.

The police have come with a case number, but that’s all. And yes, I’m still using WhatsApp.

Thando Maeko is an Adamela Trust business reporter at the Mail & Guardian

These are unprecedented times, and the role of media to tell and record the story of South Africa as it develops is more important than ever. But it comes at a cost. Advertisers are cancelling campaigns, and our live events have come to an abrupt halt. Our income has been slashed.

The Mail & Guardian is a proud news publisher with roots stretching back 35 years. We’ve survived thanks to the support of our readers, we will need you to help us get through this.

To help us ensure another 35 future years of fiercely independent journalism, please subscribe.

Thando Maeko
Thando Maeko is an Adamela Trust business reporter at the Mail & Guardian

Stella set to retain her perks

Communication minister will keep Cabinet perks during her two months of special leave

Not a sweet deal, Mister

Mister Sweet workers say they will not risk their health, and the lives of others, to continue producing and packaging confectionaries

Covid-19 grounds Nigeria’s medical tourists

The country’s elites, including the president, travelled abroad for treatment but now they must use the country’s neglected health system

Nehawu launches urgent court bid over protective gear for health...

The health workers’ union says the government has rebuffed its attempts to meet about mitigating risks to workers

Press Releases

Rahima Moosa Hospital nursing college introduces no-touch facial recognition access system

The new system allows the hospital to enrol people’s faces immediately, using artificial intelligence, and integrates easily with existing access control infrastructure, including card readers and biometrics

Everyone’s talking about it. Even Kentucky

Earlier this year South African fried chicken fast-food chain, Chicken Licken®, launched a campaign for their wallet-friendly EasyBucks® meals, based on the idea of ‘Everyone’s talking about it.’

New energy mix on the cards

REI4P already has and will continue to yield thousands of employment opportunities

The online value of executive education in a Covid-19 world

Executive education courses further develop the skills of leaders in the workplace

Sisa Ntshona urges everyone to stay home, and consider travelling later

Sisa Ntshona has urged everyone to limit their movements in line with government’s request

SAB Zenzele’s special AGM postponed until further notice

An arrangement has been announced for shareholders and retailers to receive a 77.5% cash payout

20th Edition of the National Teaching Awards

Teachers are seldom recognised but they are indispensable to the country's education system

Awards affirm the vital work that teachers do

Government is committed to empowering South Africa’s teachers with skills, knowledge and techniques for a changing world