WhatsApp hack on politician revealed, amid onslaught of attempted cyber attacks

WhatsApp hack on politician revealed, amid onslaught of attempted cyber attacks

WhatsApp hacking: A growing threat to government officials

A Senate estimates hearing has revealed that a parliamentarian's WhatsApp account was compromised in March, leading to a temporary block of the messaging service on parliamentary desktop devices. The hack, attributed to a foreign state actor, exploited phishing techniques to steal verification codes and gain unauthorized access to multiple accounts. This incident is part of a broader trend of cyber attacks targeting government officials worldwide.

The Department of Parliamentary Services (DPS) confirmed that the accounts of the parliamentarian and their three staffers were compromised on 6 March, affecting both personal and DPS-managed devices. Mike Webb, chief information officer at DPS, testified that the attack leveraged phishing scams to trick users into providing verification codes, allowing hackers to access WhatsApp Web sessions.

The scale of the threat: Phishing attacks on the rise

In the current financial year alone, DPS detected 46 cases of malware and approximately 20,000 phishing attempts targeting parliamentarians and departmental devices. These figures underscore the relentless nature of cyber threats faced by political figures. Webb noted that state-sponsored phishing campaigns targeting government officials are a "genuine global issue," with similar warnings issued by countries like Germany and the United States.

How phishing compromises WhatsApp accounts

Phishing attacks rely on social engineering to deceive users into disclosing sensitive information. In the case of WhatsApp, attackers often impersonate official support or contacts, requesting a verification code that is typically sent via SMS. Once obtained, they can log into the victim's account on a web browser, gaining access to messages and media. This method bypasses encryption, as the attacker uses the victim's legitimate session.

Common tactics used by attackers

  • Fake support messages asking for verification codes
  • Urgent requests to click on malicious links
  • Impersonation of trusted contacts or services

Global precedents: High-profile WhatsApp hacks

This is not an isolated event. In 2019, a spyware known as Pegasus, developed by Israeli firm NSO Group, was used to target journalists and activists in India, including human rights defenders and lawyers. The spyware could be installed via missed WhatsApp calls, without any user interaction. Similarly, a Catalan politician had his phone infected with Pegasus spyware, raising concerns about state-sponsored espionage.

The role of foreign state actors

In the Australian case, DPS has indicated evidence of a foreign state actor's involvement. This aligns with patterns seen in Germany, where a large-scale phishing campaign targeted Signal and WhatsApp users, including high-ranking politicians like Bundestag President Julia Klöckner. The attackers, alleged to be Russian state actors, impersonated Signal support to trick victims into revealing verification codes.

Lessons learned: Strengthening defenses against phishing

The best defense against phishing is user awareness and robust security practices. Officials and staff should be trained to recognize suspicious requests, enable two-factor authentication, and report incidents promptly. Organizations like DPS now take immediate action, such as blocking services and involving cybersecurity agencies, to mitigate damage. As threats evolve, continuous vigilance and international cooperation are essential to protect democratic processes.