"WhatsApp Files on Dark Web Show Millions of Records For Sale"

In mid-November, a threat actor posting on a dark web forum claimed to have stolen the personal information of almost 500 million WhatsApp users.  Recently, Check Point Research (CPR) has published a new advisory analyzing the exposed files and confirming the leak includes 360 million phone numbers from 108 countries.  While CPR was unable to confirm the leaked numbers belonged to WhatsApp users, their researchers showed that the phone numbers varied in quantity among countries, ranging from 604 in Bosnia and Herzegovina to 35 million attributed to Italy.  CPR noted that the whole list went on sale for four days and is now being distributed for free among dark web users.  CPR stated that while the information on sale does not expose the content of any messages themselves, it is still worrying to see such a large volume of phone numbers for sale on the Dark Web.  There is the potential that this information could be used as part of tailored phishing attacks in the future.  One security researcher named Karol Paciorek, a security researcher from the computer security incident response team of the Polish financial sector (CSIRT KNF), claimed on Twitter that the leaked database is a re-use of an older 2019 Facebook breach.  Paciorek stated that the WhatsApp "leak" is nothing more than phone numbers obtained from the Facebook "leak" that took place in 2019.  He claimed that the sample of 5000 WhatsApp data records from Poland is identical to those they already saw in 2019.  As security experts continue to analyze the leaked data, the researchers are calling for WhatsApp users to take steps to increase their security posture.

Infosecurity reports: "WhatsApp Files on Dark Web Show Millions of Records For Sale"