500 million WhatsApp mobile numbers for sale on the dark web

A database of 487 million mobile numbers of WhatsApp users has been put up for sale on a hacking community forum. The dataset contains WhatsApp user data from over 84 countries, the post said. The story was first reported by Cybernews.

The seller of the leaked data is also offering it through the controversial messaging app Telegram, where the person or group uses the handle “Palm Yunn”. On the hacking community forum, the user is listed as “Agency123456”. The seller claims that the database is from 2022.

WhatsApp, owned by Meta, has over 2 billion active users worldwide and is one of the most popular mobile messaging apps. If all records are accurate, this data leak could affect almost a quarter of all WhatsApp users.

Meta did not respond to emails seeking comment on the leak.

WhatsApp data could lead to fraud incidents

Cybersecurity experts warn that the leak could lead to incidents of fraud, smishing and phishing.

“Threat actors can use these mobile numbers for phishing campaigns. Mobile numbers, if linked to bank accounts, can also lead to monetary fraud,” said Prashant Mali, a cybersecurity and privacy policy advocate.

Attackers can use leaked information for social engineering, agreed Anand Prakash, PingSafe founder and bug bounty hunter. However, Prakash pointed out that the leaked data itself does not contain any sensitive information.

“I don’t think this is a very critical leak, where someone can read the messages or log in remotely on WhatsApp. The leak only reveals whether a number is active on WhatsApp or not,” did he declare.

Prakash suspects the leak may have been the result of a vulnerability being exploited or a third party leaking the data. However, the real origin of the leak could not be determined.

Cybernews has provided a link where users can check whether their number is part of the leaked database or not.

On the hacking community forum, the vendor claims that the database contains 32 million records belonging to US WhatsApp users. In a conversation with Cybernews, the seller said he was ready to sell the US discs to anyone willing to shell out $7,000.

The global database also contains records of 45 million users from Egypt, 34 million from Italy, 29 million from Saudi Arabia, 20 million from France, 10 million from Russia, 11 million from the United Kingdom and 6 million users from India, the vendor claimed. .

An announcement was posted on the hacking forum on November 16 by the threat actors announcing the sale of the data.

A sample dataset of 1,097 UK user numbers and 817 US users was sent to Cybernews by the vendor and the publication’s researchers confirmed that the data was legitimate.

While the US data set is sold at $7,000, the UK one is sold at $2,500 and Germany at $2,000, according to the report.

Social media users have been a target of hackers for quite some time now. Vulnerabilities in these platforms could impact millions, if not billions, of users worldwide. For example, in October, around 1.5 billion Facebook user data was put up for sale on the dark web. The attackers had claimed that the database contained names, email addresses, phone numbers, locations, gender and user IDs. However, a few days after it was posted, the offer disappeared from the forum.

Similarly, in the same month, 500 million LinkedIn profiles were also put up for sale on a hacker forum. The vendors had also released 2 million leaked records as a sample to prove the authenticity of the data. The leaked data included users’ full names, email addresses, phone numbers, and work location information.