A pro-Palestinian hacktivist organization, Handala Hack, asserts that it has compromised the instant messaging service Viber. It would not be the first time; like many other applications, Viber is considerably less susceptible to hacking.

The group claimed it had obtained over 740GB of data from the company’s servers, including the source code for Viber, in a Telegram message. Handala Hack is demanding payment in the form of eight cryptocurrencies, equivalent to $544,000.

A new data leak vulnerability known as GhostRace affects modern CPUs.

“Have you previously observed the Viber Messenger administration panel? “Can you imagine the information of citizens that technology behemoths affiliated with the occupying regime may be storing?” the group asks in a Telegram message.

“Upon investigation, we have found no evidence to support any claims of intrusion into our systems or compromise of user data,” Viber informed Cybernews in a statement sent to Cybernews.

Viber, which was established in 2010 in Tel Aviv, Israel, was acquired by Rakuten, a Japanese multinational corporation, for $900 million in 2014. Handala Hack is believed to be an Iranian proxy group.

Hamid Kashfi, a Swedish-based independent IT security consultant, believes the incident could be quite severe due to the fact that Viber has never been recognized for its rigorous security measures and only recently adopted end-to-end encryption following a series of setbacks.

Before Telegram surpassed it, it was the most popular instant messaging and calling application in the region. “Until recently, Viber was NOT E2EE; therefore, if user chats are considered…,” Kashfi stated on X.

The Viber comprised data dump up for sale by the Handala group (a proxy actor of … you know) is a major one to have an eye on. It used to be the most popular IM/Call app in the region, before Telegram took over. Viber was NOT E2EE until recently, so if user chats are included,💀

— Hamid Kashfi (@hkashfi) March 14, 2024

A secure mobile service provider, Efani, explained in a blog post from the previous year why it believed Viber’s E2EE efforts could be significantly improved.

Deliberations have ensued regarding the effectiveness and transparency of Viber’s encryption methods, despite the fact that encryption is generally regarded as an advantageous attribute for safeguarding user information. Efani stated, “According to some authorities, Viber’s encryption could be more robust, leaving user chats vulnerable to hacking or eavesdropping.”

ChatGPT Plugins from Third Parties Might Facilitate Account Takeovers.

Cypriot police issued a warning as the most recent conflict between Israel and Hamas commenced in October 2023, detailing the escalating quantity of compromised Viber accounts. Two-factor authentication was recommended for users to enable in the security settings.

In 2014, University of New Haven researchers asserted that Viber was considerably simpler to compromise than alternative applications. Reportedly, they successfully intercepted mobile data transmitted via Viber by utilizing a personal computer as the phone’s wireless access point.

source