Foreword
The very method of number disclosure is a combination of one technical capability of the client himself and the application of social engineering (SI). In general, this function was already described earlier on Habré, already in 2016 - a
reference .
The author had already caught the âmessageâ and wanted to tell yawning users that it was
unsafe! , but his article yielded weakly to criticism. However, I went further and decided to show how this âfunctionâ acts in the hands of the âhackerâ.
The method is based on social engineering, so you have to communicate with the user whose number we want to find out. The whole point is that the user must crank up the usual manipulation inherent in messengers, but at the same time, he should not suspect - why should he do this very manipulation ...
What does the victim have to do to reveal his number? Consider an example.
There is user
A (
attacker ) and user
B (
victim ).
And he knocks on
B in a personal dialogue and sends a message. User
B is responsible. The dialogue begins. User
A is friends with user
B and adds it to his contacts. User
B is happy and also adds user
A to his contacts.
After that, user
A (the attacker) can see the number of user
B (the victim), but the victim (
B ) does not see the number of the attacker (
A ).
How did this happen?
Firstly, itâs not so simple either. It is desirable that the victim is located in the desktop messenger. When you click on the userâs icon, the following window opens:
Under the username is visible the inscription "ADD TO CONTACTS".
By clicking on it, a window will open such a window:
Everything is simple, you just need to confirm authorization and press "
DONE ". But it is after this that our number will be visible to this user. The fault is the default option â
Share my phone number â activated. Yes, it is activated by default, so users who add someone to their contacts ignore this feature.
Through the desktop client, we will be able to find out the number quite simply. The victim simply will not notice this option and will issue a number. But what about phone apps? Here the situation is more difficult.
Firstly, the victim will not immediately find the user authorization function. Secondly, it will not be clear to the victim - why add the user to contacts at all if the dialogue goes without problems. Thirdly, the option is called âshare my contactâ, which is already suspicious. And if you click this option, there will be a warning where the victimâs number and the text are written that the user will see it. The victim will not do this. Therefore, this method focuses more on the desktop application.
Therefore, before starting an attack, you must make sure that the victim is using a non-mobile version! There are many ways. For example, look at typing speed, text style, using stickers and emoticons, etc.
If we are sure that the victim is sitting on the computer, then you can start.
How to make the victim add you to your contacts?
Here you need to understand why you need the victim number. It is understood that you know in advance any information about the victim - occupation, interests, etc. Based on the dialogue, you yourself must formulate the reason why the victim should add you.
Of almost all practices, I used the method with two accounts: one is the main one, the second is fake. The bottom line is to start a dialogue with the victim from the first account, and then switch it to the second. The second account should not be specifically yours, but, for example, your
friend / brother / colleague . In general, you need to create an illusion for the victim, in which she begins to write to the second account, but cannot reach it (we need to ignore it). This will put the victim into a stupor, so she will begin to find out the reason from our first account, and we should act as a â
communication bridge â, as if directing the victim to add a second account to her contacts and, thus, issue her number.
Is it difficult? Then consider in practice.
I will give an example when I deanonymized darknet scammers.
Deanonymization of a scammer
And so, there is a certain user who engages in fraudulent activities related to finances - cashing out stolen money, etc.
I created 2 accounts (
A ) and (
B ).
From the first account (
A ) I wrote to the victim.
The victim entered into dialogue. I answer:
I paste the link to my second account (
B ).
The victim begins to write to account (
B ):
I donât read these messages on purpose.
From account (
B ) I write to my own account (
A ) the text and send it to the victim:
Here I do not set a specific task from the victim - so that he adds me to the contacts. Itâs as if I myself donât understand what the problem is, therefore I offer different options.
But the victim, at a loss, sends new letters to account (
B ), which I also ignore.
Next - I play a dialogue between my accounts (
A ) and (
B ), which I also send to the victim from the main account:
The victim's attention is distracted by this incident, so she is trying to understand what might be wrong. She least of all now thinks about her safety, because no links and files are sent to her. The victim simply cannot establish dialogue.
From account (
B ) I still read the messages, but did not answer the victim!
Next comes the final dialogue:
Here, the victim finally understands that the matter is in the contacts and then adds the account (
B ), ignoring the option âshare my phone numberâ.
After that, the victim number was displayed in my account (
B ).
I will tell you straight. I tried on many contacts and 7 out of 10 added me to contacts, revealing my number. Basically, I disclosed scammers, drug dealers and other unreasonable âdalqube.â But with ordinary users, you can find a common language, including cunning and rub yourself into confidence. It would seem: âwhat's so cool about it? Itâs so easy! â But did you know about this? .. I donât think so. If only Telegram unchecked this box by default when you add it to your contacts, then everything would be different. But all this is not important, because everything is so good;)