APSN Banner

4 million Indonesian users' WhatsApp data sold in deep web

Tempo - November 28, 2022

Cybernews, Imaji Lasahido (Intern), Jakarta – The selling of data on Indonesian citizens in deep webs is happening once more. In a hacking community forum, a person with the account name AllDataSource made an offer to sell data that was claimed to contain 487 million mobile phone numbers of WhatsApp users.

The data that is offered on November 16, 2022, was promised to consist of recent year data. It contains 130,331 Indonesian data that are for sale. Cyber security supervisor from Vaksincom, Alfons Tanujaya, said that there is more than that. "There is another leak that is even more concerning," he said via text message on Sunday, November 27, 2022.

"There is a second data leak that is being for sale, and it consists of 4 million (4.010.319) Indonesian WhatsApp user's data," he added.

Alfons provided the screenshot of the same hacker who wrote "Verified – Whatsapp number from all countries – More than 262 million (November 2022)."

The hacker also offers sample data for those who are interested in mentioning the name of the country. According to Alfons, the sample data provided is quite valid.

When viewed from the first offer, the top-ranked leaks came from Egypt (45 million), Italy (35 million), Saudi Arabia (29 million), France (20 million) and Turkey (20 million).

The dataset allegedly contains WhatsApp user data from 84 countries. The perpetrators claim there are over 32 million US user records included, with the addition of Russia (9 million), England (11 million), Singapore (3 million) and Brunei (200,000).

The perpetrators reportedly sold US data sets for US$7,000, UK data for US$2,500, and German data for US$2,000.

Since perpetrators obtain data through SMS phishing and voice phishing, it is advised for phone users to stay alert for any calls from unknown numbers or unsolicited calls and messages.

Alfons explained both phishing method, the first is through Smishing (SMS) in which the preparators gives a link via text messaging. The other one is Vhishing (phone call) which directs victims to phishing links using voice calls. "Vhishing = voice phishing. For example, pretending to be customer service, then directing the victim to click on a phishing link," Alfons explained.


Currently, WhatsApp is reported to have more than two billion monthly active users globally. WhatsApp's parent company, Meta, have not yet commented regarding the findings.

Information about WhatsApp users can be obtained by large-scale harvesting of information, also known as scraping, which violates WhatsApp's Terms of Service.

This claim is purely speculative. However, quite often, the massive data dumps posted online turn out to be obtained by scraping.

Meta itself has long been criticized for letting third parties collect user data, causing more than 533 million user records to leak on the deep web, and distributing the data collection for free.

Days after a massive Facebook data leak went to the news headlines, an archive containing data purportedly extracted from 500 million LinkedIn profiles, has been sold on a popular hacker forum.

Leaked phone numbers can be used for marketing, phishing, impersonation and fraud purposes. "In this day and age, we all leave a sizable digital footprint – and tech giants like Meta must take all precautions and means to protect that data," said the head of the Cybernews research team, Mantas Sasnauskas.

"We had to ask whether the additional clause 'scraping or misuse of the platform is not permitted in the Terms and Conditions' was sufficient. Preparators don't care about the term, so companies must take decisive steps to mitigate threats and prevent platform abuse from a technical point of view," he added.

To prevent the leakage of personal data, ordinary users should adopt common data security practices. This includes using a high-quality VPN and getting a reliable antivirus program.

Source: https://en.tempo.co/read/1661921/4-million-indonesian-users-whatsapp-data-sold-in-deep-we