Theophanis Kasimis: After WhatsApp, what?

WhatsApp, used by 1.5 billion people worldwide, released a security update in recent days and urged users to install it immediately on their devices. This happened because hackers discovered a "vulnerable point" in the popular application, allowing them to install spyware on users' phones. Not all users were targeted by the hackers, but rather a "selected number" of them.

But how easy is it to get hacked and what can you do to increase your security? The most famous Greek hacker, Theofanis Kasimis, gave an answer to the newspaper "BAM to Reportage" about what exactly hacking is and explains how WhatsApp fell victim to espionage.

All it took was one... unanswered!

"With a single unanswered phone call, hackers managed to hack into WhatsApp, which was considered impenetrable. However, the security measures of the popular communication platform with 1.5 billion users worldwide proved to be insufficient. Essentially, security researchers identified and exploited a vulnerability in the application's software. Through this security loophole, the installation of malicious software on specific mobile phones became possible through phone calls. The victims of this cyber attack remained completely unaware, as the installation of the malware on WhatsApp did not require them to answer the calls. Additionally, there was no trace of the numbers' recognition or incoming call records."

What is hacking

The term "hacking" originates from small programs called hacks, which were commonly used in the early days of computers when programming was a challenging and laborious task, only accessible to a few individuals and primarily in machine language. The programmers who created such commands to facilitate their work were called hackers. Today, for most people, the term hacker incorrectly refers to a talented fanatic of computers who spreads destruction. Hackers themselves are bothered by this characterization and distinguish themselves from malicious hackers or crackers (criminal hackers) whose aim is to cause damage to large computer networks, create viruses, and engage in cyber-terrorism.

"With a single phone call - and unanswered - hackers hacked WhatsApp", says Theophanis Kasimis

Useful tips

Cybersecurity Expert, Theofanis Kasimis explains that like all countries, Greece could not be an exception to the hacking attacks. When asked if it is possible for our personal data to be safe, he gives a negative answer saying that 100% security does not exist but he gives us useful advice.

"We must constantly protect our mobile electronic device from potential malicious individuals who may want to add suspicious software or simply read our personal information. The best way to safeguard ourselves is to ensure that our devices running iOS operating system never fall into the hands of people who intend to harm us. Considering the exceptionally high risk of sensitive personal data leakage stored on our device, we can understand the significance of its protection. The stored data can range from social media passwords to credit card codes. If your mobile phone ends up in the wrong hands, think about the amount of information someone could access."

Software upgrade-update

Whenever your mobile phone is upgraded, it should be with the latest iOS software. These upgrades should be done via an internet-connected personal computer on which we have installed the iTunes program. Both updating the mobile device software and installing iTunes are the sole responsibility of the user. It is recommended that the software update be done from a computer that we are familiar with.

Do not use "Jailbreak" techniques

The term "Jailbreak" refers to the process of modifying the operating system of an iOS device in violation of the end-user license agreement. By performing a Jailbreak, the device's ability to handle attacks is significantly reduced because the enforcement of code signatures, which is an important security feature, is bypassed. With the Jailbreak process, it becomes much easier to gain access to an iPhone or iPad. Most public attacks targeting iOS devices require Jailbreaking first. Another related concern is the quality of tools and applications offered by the Jailbreak community. These free applications are developed with minimal supervision and limited testing. They may contain viruses or other malicious software and can potentially cause serious and irreversible damage to your device, including data loss.

Enable automatic lock and cue lock

Enabling automatic lock activates the automatic locking of the mobile device's screen after a pre-defined period of inactivity. It is important to ensure that automatic lock is enabled. The recommended screen lock time is approximately 3 minutes.

Don't connect wirelessly to networks you don't trust

Avoid or limit the use of wireless networks. When not in use, you should turn off the device to avoid exposure.

Secure use of e-mail

Make sure that all e-mail connections you use are encrypted. A prerequisite for this is that the server you are using can handle encrypted data: this is done in most cases. If they are not encrypted, your messages will be transmitted freely and it will be possible for someone to intercept and read them.

Turn off Bluetooth

Bluetooth should only be turned on when absolutely necessary. When we're not using it, we should have it turned off so that other devices can't detect our iOS device and try to connect to it.

Disable location services unless you need them. Location services can be used by applications on your device to determine your whereabouts. They should only be enabled in case of emergency or when applications need to know your location. Otherwise, disable or restrict them.