Sunday, June 20, 2021

WhatsApp flaw could enable attackers to remotely suspend your account.

Must Read

Dell Inspiron 14 2-In-1, Inspiron 15, Inspiron 13 Laptops launched in India

Dell has launched a new Dell Inspiron 14 2-In-1, Inspiron 15, Inspiron 13 Laptops under its Inspiron series in...

Leica launched Leitz Phone 1 with a large camera sensor

German company Leica, known for manufacturing cameras and optical lenses has announced its own smartphone the Leitz Phone 1....

Realme Narzo 30 5G, Realme Narzo 30, Realme Smart TV to launch on June 24 in India

Realme will launch Realme Narzo 30 5G, Realme Narzo 30, and Realme Smart TV in India on June 24....

WhatsApp is discovered to have a flaw that could enable attackers to remotely suspend your account using your phone number.

The vulnerability discovered by security researchers appears to have existed on the instant messaging app for quite some time now. Many WhatsApp users are said to be at risk because a remote intruder will deactivate WhatsApp on your phone and then prevent you from reactivating it.

Even if you have allowed two-factor authentication (2FA) for your WhatsApp account, the vulnerability can be exploited. The bug, discovered by security researchers Luis Márquez Carpintero and Ernesto Canales Perea, allows attackers to remotely suspend your WhatsApp account.

According to Forbes, the researchers discovered the bug on the instant messaging app due to two fundamental flaws. The first flaw allows an intruder to enter your phone number into WhatsApp, which is installed on their phones.

However, this will not allow the attacker access to your WhatsApp account unless the attacker obtains the six-digit registration code you’ll receive on your phone. Multiple unsuccessful attempts to sign in with your phone number would also block code entries on the attacker’s phone for 12 hours.

Although the intruder will be unable to sign in with your phone number again, they will be able to contact WhatsApp support and request that your phone number be deactivated from the app.

What they need is a new email address and a simple email informing them that their phone has been stolen or lost. In response to that email, WhatsApp will request clarification, which the attacker will provide quickly.

This will deactivate your WhatsApp account, preventing you from using the instant messaging app on your mobile. You won’t be able to stop the deactivation by using 2FA on your WhatsApp account because the account was obviously deactivated by the attacker’s email.

In the event of a routine deactivation, you can reactivate your WhatsApp account by verifying your phone number. This is not possible if the intruder has already locked the authentication process for 12 hours by attempting to sign in to your WhatsApp account several times.

WhatsApp is working on a Chat History Migration across Android and iOS Devices

This means you won’t be able to get a new registration code on your phone number for the next 12 hours. When the first failed sign-in attempt expires, the intruder will repeat the procedure to limit your account for another 12 hours.

WhatsApp has not disclosed whether it is working to address the flaw in order to avoid a negative impact on the public.

- Advertisement -

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisement -

Latest News

Dell Inspiron 14 2-In-1, Inspiron 15, Inspiron 13 Laptops launched in India

Dell has launched a new Dell Inspiron 14 2-In-1, Inspiron 15, Inspiron 13 Laptops under its Inspiron series in...
- Advertisement -

More Articles Like This

- Advertisement -