The situation escalated as the hackers sent messages to individuals in his network, posing as him to request sensitive information. Each compromised account led to further intrusions, creating a chain reaction of hacks.
To make matters worse, WhatsApp’s security measures temporarily locked Yarlagadda out of his account for 12 hours, he said. This lockout, triggered by multiple incorrect PIN attempts, gave the hackers ample time to exploit his account further, he said. They used this period to continue their fraudulent activities, targeting more unsuspecting victims.
Lessons Learned and Shared
After regaining control, Yarlagadda took to social media to share his experience and educate others on avoiding similar pitfalls. He stressed the importance of enabling two-factor authentication (2FA) on WhatsApp as an added security measure to prevent unauthorized access. He also advised against sharing one-time passwords (OTPs) or verification codes, even if the request appears to come from a trusted contact.Yarlagadda admitted that he had unknowingly shared information, emphasizing how even the most cautious individuals could fall prey to such tactics when caught off guard. He also criticized WhatsApp’s 12-hour lockout policy, pointing out that this prolonged lockout period inadvertently aids hackers. He suggested shorter lockouts or alternative security measures that would balance user safety and account recovery.”Don’t share any verification/OTP codes, even if the message asking for that is one of your contacts. (Yes, it was very stupid of me, but we can get entirely caught off guard. I did it unconsciously without thinking!)” he said in the post.
Netizens React
The incident resonated widely, with many sharing similar experiences and expressing concern over the security vulnerabilities in digital communication platforms. Some urged others to report such breaches immediately to cybercrime authorities and contact WhatsApp support to regain access.
Many highlighted the potential risks of a hacked WhatsApp account, which extend beyond privacy invasion. A breach could expose personal conversations, photos, and videos, leading to identity theft or blackmail. Hackers could also exploit compromised accounts to defraud contacts, resulting in financial losses.
Professional and personal reputations are also at stake, as hackers may send inappropriate or fraudulent messages from a victim’s account. The cascading nature of such hacks, where more accounts are compromised through the victim’s contacts, further exacerbates the damage.
Another netizen said that the same happened with one of his friends and they filed a complaint with cyber crime dept and sent a mail to WhatsApp support. “They will logout other device and allows you to login. This is what worked for us,” the netizen said.