News

Your WhatsApp Account Can Be Suspended by Anyone Who Has Your Phone Number

In recent news, a loophole in WhatsApp has been determined where an attacker can completely suspend a user’s WhatsApp account where all is needed is the user’s phone number. Presently, there is no known solution for the issue.

This newly-discovered flaw primarily uses two separate vectors where the attacker installs WhatsApp on a new device and ends up entering your number to activate the respective chat service. Due to the two-factor authentication system, the attacker can not verify as the system sends the logic prompts to your phone. Once the attacker has attempted to login in multiple times and fails, your own login will be locked for the next 12 hours.

With the user’s account locked, the attacker can send a support message to WhatsApp from their email address where they claim your account as their own and inform WhatsApp that your phone had been lost or stolen and the WhatsApp account associated needs to be deactivated. The service then verifies this with an email reply and ends up suspending your own account. The attacker repeats this process to ensure that your account is permanently deactivated.

Image source: Forbes

This attack was initially determined by security researchers Luis Márquez Carpintero and Ernesto Canales Pereña who had properly tested the method. At the end of the day, the results were disturbing though it is to be noted that this method can’t be used to actually gain access to an account, merely to block access by its legitimate owner. Confidential text messages and contacts are not exposed.

Currently, WhatsApp is working out a solution to fix this loophole until then one of their representatives suggested that providing an email address with your two-factor authentication credentials can help avoid this hypothetical scenario.

Sponsored
Usman Aslam

A tech enthusiast, writer, researcher and strategist working on the latest technologies and making an impact. Usman has been heavily focused on building communities, empowering people through technological trends and advancements for over 3+ years including many notable names such as IEEE Region 10, TEDx, Google Developers, United Nations Programmes, Microsoft Partner Program and much more. Reach out: usman.aslam@techjuice.pk

Share
Published by
Usman Aslam

Recent Posts

Itel S25 Ultra Fails Durability Test, Raising Concerns

The Itel S25 series, known for its durability and affordability, recently faced scrutiny during a…

31 mins ago

WhatsApp Will No Longer Work on Older Android Phones Starting January 2025

WhatsApp has officially confirmed that, beginning January 1, 2025, it will end support for Android…

35 mins ago

Rs158 Billion Spent on Importing Mobile Phones to Pakistan in the Last Five Months

According to data from the Pakistan Bureau of Statistics (PBS), Pakistan imported mobile phones worth…

2 hours ago

EU Concerns Over Pakistan’s Military Court Sentences May Impact GSP+ Trade Benefits

The European Union (EU) has expressed concern over the recent convictions of 25 civilians by…

3 hours ago

SBP Announces December 25 as a Bank Holiday

The State Bank of Pakistan (SBP) has officially declared Wednesday, December 25, 2024, as a…

3 hours ago

Greentree Holdings Ltd Aims for 35% Stake in TRG Pakistan

AKD Securities, the manager of the offer, informed the main stock exchange on Monday that…

4 hours ago