Dafuq is Momo?

I and sibidharan have been going to various colleges and enlightening students about Cyber Security and would’ve personally interacted with at least 30–40,000 college students so we always have this opportunity to know about what’s exactly trending among students and for the past 1 month everybody is talking about a killer game called “Momo Challenge”

Source: Internet.

So, what the fish is that?

A picture of a half-woman-half-bird with bulging eyes and a sinister smile is haunting people on social media worldwide and the panic has spread to almost all the people who’s using internet.

What news articles are saying about it?

Momo challenge: Here is all should know to save yourself from this deadly game

'Momo Challenge': CID asks people to contact police after receiving invitation - Times of India

After Blue Whale, Momo game spreads fear

Why this post? (*bored*)

Source : Internet.

Nowadays, wherever we go, college students are like what’s momo? is it possible to hack someone’s phone just via an Image? if yes, what are the possibilities? and these are the kind of questions that we were getting these days. So, I wanted to demystify you about Momo (As far as we heard and researched about)

Source : Internet.

We started the research by looking at various YouTube videos about Momo with Vikram but most of the video didn’t make sense and rest of the video were in such a way that it will surely attract dumb people to watch their video so that the YouTube Video creators can earn a lot out of it via Adsense. thus, we couldn’t get any juicy information about what’s exactly Momo. So, we decided to take risk, we got none to care about us either.*sighs*

Posted a bunch of status everywhere stating that “If you’re affected by Momo, do contact us”

We got a bunch of calls and everybody said, No, I’m not affected by it, my friend of friend got it. my girlfriend got it, my boyfriend got it blah blah and all became dead-end. So, we decided to text momo ourselves by getting phone numbers from the stories and posts people posted.

These were the conversation that I and Sibi had with momo. Few people were also saying that it was sending them an image and asking them to download it, below is the conversation that we had with momo.

https://ibb.co/dFx8np
https://ibb.co/mmBCDU
https://ibb.co/hZ4M7p
https://ibb.co/n8bvYU
https://ibb.co/cviESp
https://ibb.co/c5qiL9

We went ahead and even analysed that image it is sending to see if there’s anything like Arbitrary remote code execution also, we knew that no dumbfck would use such an awesome bug to do something like this.

While seeing the conversation you can clearly conclude that this is nothing to worry about. But, how they’re coming up with different numbers? have this question? if yes, the answer is below,

Steps to reproduce Momo.

1. Go to App Store/Play Store and Search for an application called “Text Now” For Play Store and for App Store
2. Install Parallel space in your android phone and install WhatsApp in that, after you installed Text now, now you’d be seeing 5 numbers in the application select one among them and put it in WhatsApp and get OTP via voice not via text.
3. Download Momo picture from Google.
4. Start texting

Let’s break down the scenario and understand the message that Momo has been sending

Messages one-by-one

1. Hi! this is momo, Please save my number (99% of us keeps our WhatsApp status with privacy as “Contacts only” so momo could actually see your status
2. Once you get the message you’ll upload it in your story like “I got a message from momo and I’m so scared” which means, you got enough friends to talk about this.
3. It’s going to send you another message but this time, you’d see the message but don’t reply, now momo would’ve seen that blue tick which means you read and obviously the next thing you’d do is, talk about this to your friends
4. Now, Momo sends a message randomly like, don’t talk about this to your friends and you’d think that you’re actually hacked but you’re not.
5. Then momo would be like, “I hacked your phone can I show call logs?” It can, coz it’s your friend who’s pranking you dumbassss!

Where and all we’re leaking our information?

1. with Truecaller I could find your name
2. If the phone number is associated with facebook, I can see your pics, your name, dob, second name (parents name) if you’d have wished to their birthday, mail ID in some cases
3. If I use Maltego, I can get more informations too.

I guess this information is more than enough to scare the sh*t out of you.

PS:- Also, this is not really a meme content, this isn’t the right way to prank someone neither, this could become dangerous, we may not know what your friend is going through which may even lead to suicide, totally depends upon the information with which you’re pranking your friends with, if it’s something between them and someone and confidential and not supposed to be leaked anywhere, then there are many possibilities. So, kindly don’t use such things to prank anyone.

Source : Internet.

For tamil people out there, our interviews are below!

Blacksheep Interview | Puthiya Thalamurai | Radio Mirchi

Disclaimer

This tutorial is only for Informational and Educational purposes only because, we believe that Cyber Security should be familiar subjects to everyone who uses computers. Also, it is impossible to defend yourself from such threats if you don’t know how it’s happening. I do not promote, encourage, support any illegal activity as this is just for an awareness and I cannot be held responsible for any misuse of the given information.