Can WhatsApp, Signal or Telegram be hacked through a SIM SWAP attack?

Question

In Cuba the telecoms/ISP monopoly, Etecsa, works with the political police to spy on dissidents, journalists and others.

A common attack in Cuba is therefore SIM Swapping which is easy for them. It is also effective in order to eavesdrop on phone conversations and SMS.

Would the SIM Swap enable the attacker to also hack WhatsApp, Signal or Telegram and gain access to these messages or calls? If so, are there any measures that can be taken to prevent the attacker from accessing the secure messaging apps via a SIM Swap attack?

A solution, but not answering the OP's question: Use a messenger that does not use SIM cards as identifier, like Threema. It's even open source now. — Marcel, Sep 14 '20 at 06:16
Thank you very much Pheric and ΕΨΗΕΛΩΝ we will tell the guys to use these PIN codes always — Pedro, Sep 15 '20 at 15:28

score 6 · Answer 1 · edited Sep 21 '20 at 18:58

I can only tell about WhatsApp because I do not use or specifically know about the others.

Basically, with a SIM swap attack, an adversary can get future messages intended for the target, but not access the chat history.

With WhatsApp, conversations are protected with a "security code" which enable the safe recognition of participants.

In a SIM swap attack (with a different phone used), the security code for the forged participant would change, so the others would get a notification - given they enabled that, which, unfortunately is not by default.

And it only notifies them once they receive back a message from the victim.

Read the Security Code Change Notification FAQ about it.

Furthermore, you can halt the attack altogether for 7 days if you use two-step authentication on WhatsApp.

Can WhatsApp, Signal or Telegram be hacked through a SIM SWAP attack?

1 Answers1