BOOM

Trending Searches

    SUPPORT
    BOOM

    Trending News

      • Fact Check 
        • Fast Check
        • Politics
        • Business
        • Entertainment
        • Social
        • Sports
        • World
      • Law
      • Explainers
      • News 
        • All News
      • Decode 
        • Impact
        • Scamcheck
        • Life
        • Voices
      • Media Buddhi 
        • Digital Buddhi
        • Senior Citizens
        • Videos
      • Web Stories
      • BOOM Research
      • BOOM Labs
      • Deepfake Tracker
      • Videos 
        • Facts Neeti
      • Home-icon
        Home
      • About Us-icon
        About Us
      • Authors-icon
        Authors
      • Team-icon
        Team
      • Careers-icon
        Careers
      • Internship-icon
        Internship
      • Contact Us-icon
        Contact Us
      • Methodology-icon
        Methodology
      • Correction Policy-icon
        Correction Policy
      • Non-Partnership Policy-icon
        Non-Partnership Policy
      • Cookie Policy-icon
        Cookie Policy
      • Grievance Redressal-icon
        Grievance Redressal
      • Republishing Guidelines-icon
        Republishing Guidelines
      • Fact Check-icon
        Fact Check
        Fast Check
        Politics
        Business
        Entertainment
        Social
        Sports
        World
      • Law-icon
        Law
      • Explainers-icon
        Explainers
      • News-icon
        News
        All News
      • Decode-icon
        Decode
        Impact
        Scamcheck
        Life
        Voices
      • Media Buddhi-icon
        Media Buddhi
        Digital Buddhi
        Senior Citizens
        Videos
      • Web Stories-icon
        Web Stories
      • BOOM Research-icon
        BOOM Research
      • BOOM Labs-icon
        BOOM Labs
      • Deepfake Tracker-icon
        Deepfake Tracker
      • Videos-icon
        Videos
        Facts Neeti
      Trending Tags
      TRENDING
      • #Operation Sindoor
      • #Pahalgam Terror Attack
      • #Narendra Modi
      • #Rahul Gandhi
      • #Waqf Amendment Bill
      • #Arvind Kejriwal
      • #Deepfake
      • #Artificial Intelligence
      • Home
      • Decode
      • It Wasn’t Just A WhatsApp Image...
      Decode

      It Wasn’t Just A WhatsApp Image That Stole Rs 2 Lakhs- There’s More To It

      A man from Jabalpur lost Rs 2 lakh after clicking a photo on WhatsApp, claiming it triggered a malware attack. Decode spoke to cybersecurity experts.

      By -  Hera Rizwan |
      24 April 2025 3:45 PM IST
    • Boomlive
      Listen to this Article
      It Wasn’t Just A WhatsApp Image That Stole Rs 2 Lakhs- There’s More To It

      The Scam Hidden in a Single WhatsApp Image

      • A man from Jabalpur lost Rs 2 lakh after tapping on a seemingly harmless WhatsApp photo.
      • A few calls followed, one of which the victim accidentally answered. Moments later, large sums vanished from his bank account.
      • Techniques like steganography and APK binding can hide malware inside seemingly harmless files.
      • Cyber experts say simply opening a WhatsApp image won’t cause infection. But rare, targeted attacks are possible if vulnerabilities or modified apps are used.

      Pradeep Jain didn’t think much of the WhatsApp ping that arrived at dawn. Just another day, another unknown number, another random message. But the photo it carried—an image of an elderly man—would soon become the opening move in a meticulously orchestrated heist.

      The resident of Jabalpur, Madhya Pradesh, never imagined that clicking on a harmless-looking image could drain his bank account. The photo accompanied a text: “Have you seen this person?”

      It began on the morning of March 28. A call from an unknown number came in around 8 AM. The voice on the other end asked if he recognised the person in a photo sent via WhatsApp, then abruptly hung up.


      The image Pradeep Jain received on WhatsApp

      Curious, Jain opened the app and tapped on the photo. It showed nothing remarkable—just an unfamiliar old man. He shrugged it off.

      He ignored the follow-up calls—four or five of them came from the same number. But around noon, while chatting with a friend, he inadvertently picked up the call. “I told the caller I didn’t know the person in the picture and disconnected,” he recalled.

      His world flipped moments after that.

      Three SMS alerts arrived in quick succession. One showed a Rs 1 credit into his Canara Bank account. The next two revealed a double punch: Rs 1,00,000 gone. Then Rs 1,10,000. Wiped out in minutes.

      Panicked, Jain rushed to the bank. His account was frozen, but the damage was done. The money had vanished. His passbook showed cryptic entries: transactions under names like "IB IBF" followed by random numbers, traced later to a newly opened Canara Bank account in Hyderabad.

      The withdrawals had been made from an ATM. Other transactions bore the names "Vishal Online" and "Jannatun Bibi Online".

      "I begged the bank to help, but they just told me to go to the cyber helpline," he told Decode. "Even the helpline didn’t register my complaint. I had to physically submit a letter the next day."

      Also Read:Locked Out of WhatsApp? Here's What to Do If Your Account Is Hacked

      It wasn’t until later that Jain and his son pieced together what had really happened.

      An unfamiliar app called “Customer Service” had appeared on his phone. He hadn’t installed it. Its icon was eerily familiar—it used the same display picture as the scammer’s WhatsApp profile. That app, he realised, had been the silent culprit.

      Somehow, in the aftermath of that photo tap, malware had snuck in—silently planting the app and giving the attacker full access to Jain’s accounts. “The scammer had access to my messages, call logs, even my OTPs,” he told Decode.

      Even incoming verification calls from the bank were intercepted and answered by the scammer, pretending to be Jain. “When Canara Bank called to verify a transaction, it wasn’t even me who picked it up. The scammer answered, pretending to be me,” Jain said.

      Worse still, the scammer used those intercepted details to activate net banking on Jain’s account—something he had never used—hotlisted his debit card to prevent him from blocking it, and siphoned off the funds.

      “This was planned. Every move was calculated,” he recalled.

      “WhatsApp’s security failed. A malware-ridden image shouldn’t be able to install an app on someone’s phone,” he told Decode. “Canara Bank allowed net banking access without any in-person verification or Aadhaar authentication. And even when I acted quickly, no one—not the bank, not the cyber cell—stepped in to stop it.”

      But could a simple image on WhatsApp really unleash such chaos?

      Cybersecurity experts explained that while the story is alarming, it isn’t as straightforward as it seems. Simply clicking an image on WhatsApp, they argue, shouldn’t be enough to install malware or trigger an attack.

      Experts told Decode that scams like this often rely on techniques such as steganography and binding—both of which are known methods, but not as effortless to execute as they may appear.

      Also Read:Digital Arrest: India’s New Con Artists Don't Hack Computers—They Hack Minds

      Steganography and Binding: How Do They Work?

      Steganography is the practice of hiding secret information inside something that looks normal—like hiding a message inside a photo, video, or audio file.

      Unlike encryption—which scrambles data—steganography hides the fact that there's even a message at all. For example, someone might change tiny pixels in an image that look normal to the eye but contain hidden data.

      On the other hand, binding refers to the attaching of a file, in this case a malicious APK file, with something harmless, like an image. Technically, both files are stitched together at the binary level. Once the image data ends, the malicious APK code embedded with it begins to execute.

      But experts stress that simply receiving or even downloading such an image won’t trigger the malware. The victim usually has to interact with it—by clicking or allowing permissions—for the malware to activate.

      Cybersecurity expert Rupesh Mittal explained that both techniques are easy to learn, with tutorials available online. “That’s what makes it dangerous. Anyone can try it,” he said.

      Also Read:Can Scammers Steal Money When You Check Your UPI Balance? Here’s What Experts Say

      Could WhatsApp Be the Source?

      Speaking to Decode, security researcher Akshay explained why the said scam is unlikely to be pulled off via WhatsApp. He said, “WhatsApp uses end-to-end encryption so images are usually compressed on the sender's phone before being sent. But it's possible to bypass this compression using a modified app and send an uncompressed, potentially harmful image file.”

      However, he pointed out that if the image is specially crafted to exploit a bug and the receiver's phone has an unpatched vulnerability—either in WhatsApp or the phone's image processing software—it could, in theory, trigger malicious code when opened.

      The researcher added that modern smartphones have strong security features (like sandboxing and regular updates) that make such attacks very hard to pull off. “These kinds of exploits are rare and usually used by governments or advanced hackers—not against regular users.”

      So, unless there’s a serious, unknown flaw on the receiver’s device, the idea that just downloading an image on WhatsApp can infect your phone is highly unlikely, Akshay concluded.

      So how did the app appear on Jain’s phone?

      One possibility is that the attacker tricked him into inadvertently granting permission. Some modified versions of WhatsApp can also send uncompressed files, bypassing image compression and allowing harmful payloads to slip through. But these methods require more than just a tap—they need participation, even if unintentional.

      Mittal pointed out that the execution of this scam might not be possible without social engineering. “The malware can’t run on its own in the background. It still needs the victim to grant certain permissions or unknowingly install the application. Without that manual approval, Android won’t let it function.”

      He noted that while WhatsApp had a known vulnerability back in 2022—where code could be executed during a video call—such cases are rare and have since been patched. “Today, unless the attacker convinces the victim to take a specific action, like installing an app or granting permissions, malware can't just magically start working.”

      In 2022, WhatsApp fixed a serious security flaw that allowed hackers to take control of a person’s phone just by starting a video call. The bug—known as CVE-2022-36934—was caused by an error in the way WhatsApp handled video calls.

      Also Read:One Download Could Empty Your Bank Account: What Are APK Scams?

      The Real Problem: A System That Failed

      Jain’s story, experts say, isn’t just about a tech exploit—it’s about how easily people’s trust can be turned against them, and how weak our defenses are when that happens.

      WhatsApp’s end-to-end encryption and platform safeguards are supposed to make such attacks difficult. Canara Bank’s systems, too, should prevent unauthorised net banking setup without Aadhaar-based verification. And the national cybercrime helpline should respond swiftly in emergencies.

      Yet all three failed Jain when he needed them most.

      In the end, the photo of the old man may have just been a bait. But it exposed far more than one man’s vulnerability. It showed the cracks in the walls that are supposed to keep us safe. “It’s not just the file—it’s the manipulation that makes people open it, click it, and allow it to do harm,” Mittal said.

      Also Read:How A Google Search Cost A Hyderabad Woman Rs 2 Lakhs

      Tags

      CybercrimeScamsWhatsApp
      Read Full Article

      Next Story
      Our website is made possible by displaying online advertisements to our visitors.
      Please consider supporting us by disabling your ad blocker. Please reload after ad blocker is disabled.
      X

      Subscribe to BOOM Newsletters

      👉 No spam, no paywall — but verified insights.

      Please enter a Email Address
      Subscribe for free!

      Stay Ahead of Misinformation!

      Please enter a Email Address
      Subscribe Now🛡️ 100% Privacy Protected | No Spam, Just Facts
      By subscribing, you agree with the Terms & conditions and Privacy Policy connected to the offer

      Thank you for subscribing!

      You’re now part of the BOOM community.

      Or, Subscribe to receive latest news via email
      Subscribed Successfully...
      Copy HTMLHTML is copied!
      There's no data to copy!