A New Delhi-based think-tank Cyberpeace Foundation, said on Monday, that a few China-based hackers are targeting WhatsApp users in the country with the promise of ‘part-time’ jobs. Especially in a time when WhatsApp is already under the radar for breaching privacy, this has added to the issue.
The messages which were along with some links lured the people into believing that one can earn Rs 200 to Rs 3,000 in a day in 10 to 30 minutes.
An independent investigation has been initiated by the Cyber peace foundation, along with the aid of some experts from AutobotInfosec Private Ltd.
Some astounding statements made by the Cyber peace foundation are:-
“There are multiple links that redirect to a common URL and each individual link uses various numbers to send a message,” It can be observed that the same outgoing link is used for multiple links with variation in the numbers. The parameter in the links indicates that they can be redirected to WhatsApp in all regions and in languages other than English,”.
Technicalities –
Apparently, all the links had a common redirection and outgoing source. Strangely, in one particular link, a different URL was found and a new IP address that belongs to one of China’s hosting company Alibaba Cloud was found too. When this specific URL is tampered with, an error code is displayed in the Chinese language. Also, the domain names found during the investigation seem to have been registered in China.
The report addresses the fact that “ The IP address of the link is 47.75.111.165 and it can be traced to Alibaba Cloud, the city Hong Kong and the country China,”.
This is not the first time that such atrocities are coming to light. Some time ago, the hackers targeted the Ministry of Foreign Affairs, Ministry of Defence, and the Ministry of Information and Broadcasting. A cyber threat intelligence firm, based in Singapore, Cyfirma Research explained that the Chinese hacker groups are targeting entities like the Defence Ministry, Reliance Jio, Airtel, BSNL, Micromax, Cipla, Sun Pharma, MRF, and L&T.
The targeted sectors covered a wide arena — telecom, pharma, media companies, smartphone makers, construction, and tire firms. A handful of the common attacks attempted by these firms included defacing websites using vulnerabilities in web applications, spying on personal data using specialized malware, absolute denial of service and copying websites of companies, and launching malicious phishing campaigns.
In another incident, about 2 years back, The Indian Army had warned WhatsApp users to stay alert as the Army alleged that Chinese hackers are targeting Indian users to extract personal data. The army had also warned its soldiers posted along the Line of Actual Control (LAC) against using a host of applications, including WhatsApp.
The Army advised WhatsApp users to be vigilant and asked them to conduct regular audits of their groups to see if any number starting with +86 had joined a group. Army also warned mobile users to stay extra vigilant while changing their mobile numbers.
