News

Your WhatsApp Account Can Be Suspended by Anyone Who Has Your Phone Number

In recent news, a loophole in WhatsApp has been determined where an attacker can completely suspend a user’s WhatsApp account where all is needed is the user’s phone number. Presently, there is no known solution for the issue.

This newly-discovered flaw primarily uses two separate vectors where the attacker installs WhatsApp on a new device and ends up entering your number to activate the respective chat service. Due to the two-factor authentication system, the attacker can not verify as the system sends the logic prompts to your phone. Once the attacker has attempted to login in multiple times and fails, your own login will be locked for the next 12 hours.

With the user’s account locked, the attacker can send a support message to WhatsApp from their email address where they claim your account as their own and inform WhatsApp that your phone had been lost or stolen and the WhatsApp account associated needs to be deactivated. The service then verifies this with an email reply and ends up suspending your own account. The attacker repeats this process to ensure that your account is permanently deactivated.

Image source: Forbes

This attack was initially determined by security researchers Luis Márquez Carpintero and Ernesto Canales Pereña who had properly tested the method. At the end of the day, the results were disturbing though it is to be noted that this method can’t be used to actually gain access to an account, merely to block access by its legitimate owner. Confidential text messages and contacts are not exposed.

Currently, WhatsApp is working out a solution to fix this loophole until then one of their representatives suggested that providing an email address with your two-factor authentication credentials can help avoid this hypothetical scenario.

Sponsored
Usman Aslam

A tech enthusiast, writer, researcher and strategist working on the latest technologies and making an impact. Usman has been heavily focused on building communities, empowering people through technological trends and advancements for over 3+ years including many notable names such as IEEE Region 10, TEDx, Google Developers, United Nations Programmes, Microsoft Partner Program and much more. Reach out: usman.aslam@techjuice.pk

Share
Published by
Usman Aslam

Recent Posts

Rumors Indicate iPhone 17 May Feature Unconventional Camera Design

Apple is reportedly preparing for a significant design overhaul with its iPhone 17 series, blending…

8 hours ago

First AI-Powered Teacher Launched in Pakistan’s Private School

Karachi: A private school in Karachi has unveiled Pakistan’s first AI-powered teacher, a groundbreaking move…

9 hours ago

Yahoo Surprises Users with Its Latest Android Launcher

Third-party apps have long been a staple of the Android ecosystem, but their appeal has…

10 hours ago

Phase-II Review of PTCL-Telenor Deal Finalized by CCP

ISLAMABAD: The Competition Commission of Pakistan (CCP) has completed its Phase-II review of Pakistan Telecommunication…

10 hours ago

Xiaomi’s SU7 Achieves New Production Record, Driving Q3 Growth

Xiaomi has shattered records by producing 100,000 vehicles in just 230 days. This is nearly…

12 hours ago

Teachers Can Now Access OpenAI’s Free AI Course

OpenAI, in collaboration with nonprofit organization Common Sense Media, announced on Wednesday the launch of…

13 hours ago