WhatsApp Security Flaw Allows Hackers to Suspend Your Account Easily

Security researchers have discovered a new security issue in WhatsApp that could allow a hacker to remotely suspend your account using your phone number. This vulnerability reportedly existed in the app for a long time due to a fundamental weakness.

This puts billions of WhatsApp users at risk since a hacker could remotely deactivate your account and restrict you from activating it again. This security flaw can reportedly be exploited even if you are using two-factor authentication (2FA) for your WhatsApp account.


ALSO READ

Govt Shuts Down Social Media Apps Across Pakistan


According to security researchers  Luis Márquez Carpintero and Ernesto Canales Pereña, the flaw exists due to two fundamental weaknesses. The first weakness allows the hacker to gain access to your phone number. This will not give the hacker access to your WhatsApp account, since they won’t have the 6 digit code you will get on your phone.

However, multiple failed attempts with the wrong code would block code entries for the hacker on his WhatsApp app. The attacker will then be able to contact WhatsApp support to deactivate your phone number from the app. They will only need a new email address and a simple email saying that the phone has been lost or stolen.

In response, the hacker will get an email from WhatsApp for confirmation to which they can quickly respond. This will deactivate your account even if you have 2FA enabled.


ALSO READ

WhatsApp Introduces Special Ramadan Stickers


WhatsApp has said that users can avoid this problem by registering their email addresses on their WhatsApp account.

Providing an email address with your two-step verification helps our customer service team assist people should they ever encounter this unlikely problem. The circumstances identified by this researcher would violate our terms of service and we encourage anyone who needs help to email our support team so we can investigate

WhatsApp has not, however, revealed if they are working on fixing this problem.


  • if hacker could “somehow” manage to access my phone number then he has all the right to do whatever he wants. Granted if he can “somehow” manage to access my Phone Number…………. quite the Flaw.


  • Get Alerts

    Follow ProPakistani to get latest news and updates.


    ProPakistani Community

    Join the groups below to get latest news and updates.



    >