WhatsApp website attacked by hackers, goes offline

Graham Cluley
Graham Cluley
@[email protected]

WhatsAppHot on the heels of the defacement of the AVG anti-virus website, comes news that they’re not the only victims of pro-Palestinian hackers today.

It appears that the homepage of WhatsApp, the tremendously popular free messaging app, was also defaced.

Earlier today, the WhatsApp website displayed a pro-Palestinian message from the hackers under the title “You Got Pwned” and looked like this:

WhatsApp website

The message is identical to the one which appeared on AVG’s website earlier today.

As with the AVG hack, the group claiming responsibility for the defacement is the KDMS team, who appear to have a pro-Palestinian agenda.

It’s possible that the hackers managed to change the website’s DNS records, redirecting anyone who attempted to visit www.whatsapp.com to a different IP address.

Sign up to our free newsletter.
Security news, advice, and tips.

Presently users are finding it hard to reach the WhatsApp website – presumably because the company has taken it offline while they attempt to get a handle on this mess.

Sadly, it’s not the only security headache for WhatsApp today. Security researchers have claimed that there are serious weaknesses in WhatApp’s encryption which could make it possible for unauthorised parties to eavesdrop on your messages.

Let’s hope that the cause for the WhatsApp and AVG website hacks is discovered quickly, and the problem is resolved.

See also: AVG and Avira anti-virus websites attacked by pro-Palestinian hackers

Network SolutionsIt is now becoming clear that the WhatsApp servers (and indeed those which run the AVG and Avira websites) were not broken into by hackers, but that instead the companies were the victims of DNS hijacking.

DNS records work like a telephone book, converting human-readable website names like whatsapp.com into a sequence of numbers understandable by the internet. What seems to have happened is that someone changed the lookup, so when you entered whatsapp.com into your browser you were instead taken to a website that wasn’t under WhatsApp’s control.

The question now is how did the hackers manage to change the DNS records for whatsapp.com, avg.com and avira.com?

Could it be that cybercriminals managed to guess the passwords used to secure access to the information, and log in as though they were the administrators of the sites’ DNS records?

Or was Network Solutions – which manages the DNS records for these companies – tricked into changing the passwords, and as a result allowed the hackers to gain access to the DNS entries?

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

4 comments on “WhatsApp website attacked by hackers, goes offline”

  1. Andy

    This isn't a defacement, it's a redirection to another site. A defacement would mean that the legitimate code on the site had been altered.

    1. Graham CluleyGraham Cluley · in reply to Andy

      Thanks Andy. It certainly looks that way. I've updated the article.

      1. Pastor Dinah Ncube · in reply to Graham Cluley

        I have not been able to open my WhatsAp for two days. Each time I try to open there is a notice that says "This Version is too old, upgrade now". And of-course I can't upgrade. ( http error 503 /500 Service unavailable) Thanks for the info pray it will be resolved soon.

  2. Kudzanai Tafa

    How many days for whatsapp to be well.any one with the other address that i can use to get whatsapp

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.