Explorer

EXPLAINED | WhatsApp Vulnerability Can Allow Hackers To De-Activate Your Account By Just Using Your Phone Number

Shockingly enough, this can be exploited even if you have enabled two-factor authentication (2FA) for your WhatsApp account.

New Delhi: A vulenrablity was found in the instant messaging app WhatsApp which can allow a cyber criminal to shut you out of your account. First discovered by Luis Márquez Carpintero and Ernesto Canales Pereña, a cyber criminal just need your phone number and a little over 12 hours to deactivate your account and keep you from re-activating it. 

Shockingly enough, this can be exploited even if you have enabled two-factor authentication (2FA) for your WhatsApp account.

ALSO READ: OnePlus 9: Just Weeks After Launch OxygenOS Gets Updates; Fixes Bugs

First reported by Forbes, a hacker can use their own device to attempt to log in to the your WhatsApp account. If the two-factor authentication (2FA) for your account, WhatsApp would send you a six-digit code via call/SMS. The hacker will the purposefully will guess the code and after failed attempts WhatsApp will ask to try after 12 hours. In the meanwhile, the cyber criminal can send an email WhatsApp support saying something like the phone was stolen and request and ask to suspend the account for which WhatsApp will request for your mobile phone which the hacker can give.  

WhatsApp doesn't verify the email, from which the request is sent and doesn't follow up with questions to confirm your ownership of the phone number.

As of now, there is no way for a person to keep themselves from falling prey to cybercriminals. 

According to Gadgets360, a WhatsApp spokesperson said, “Providing an email address with your two-step verification helps our customer service team assist people should they ever encounter this unlikely problem. The circumstances identified by this researcher would violate our terms of service and we encourage anyone who needs help to email our support team so we can investigate."

Even if the victim successfully re-registers and recovers their WhatsApp account, just one email from the cybercriminal could get them back to square one and the countdown will show count down "-1 seconds" instead of 12 hours.

Top Headlines

Musk Vs Altman Reloaded: Apple Lawsuit Triggers Fresh AI Billionaire Brawl On X
Musk Vs Altman Reloaded: Apple Lawsuit Triggers Fresh AI Billionaire Brawl
Netflix Considers Radical Live TV Move Amid Growing Engagement Concerns: Report
Netflix Considers Radical Live TV Move Amid Growing Engagement Concerns
Google Drive Alert Exposes Obscene Videos Of Family Women, Kanpur Teen Under Arrest: What Google Actually Monitors
Google Drive Alert Exposes Obscene Videos Of Family Women, Kanpur Teen Under Arrest
OPINION | India's AI Moment: From Digital Power To Global Rule-Maker
OPINION | India's AI Moment: From Digital Power To Global Rule-Maker

Videos

Safety Alert: Birthday Banner Falls From Flyover Onto Bike on Thane Highway
Breaking News: Baba Ramdev's Hindu Rashtra Remarks Trigger Political Controversy
Breaking News: Nitesh Rane's Remarks on Aamir Khan's Marriage Spark Political Row
Breaking: Four Teenagers Drown in Yamuna River in Delhi's Alipur
Election Update: Datia By-Election Heats Up as BJP and Congress File Nominations

Photo Gallery

25°C
New Delhi
Rain: 100mm
Humidity: 97%
Wind: WNW 47km/h
See Today's Weather
powered by
Accu Weather
Embed widget