Security Flaw in WhatsApp put Billion of user’s account at risk

WhatsApp

Researchers have found a new security flaw in WhatsApp, the most popular instant messaging app globally. This security flaw will allows hackers to suspend anyone’s WhatsApp account using his/her number.

It is also reported by the researchers that this flaw is not new. It has been in the app for quite a long time because of the fundamental weakness.

With this, billion of user’s accounts are at a critical stake as the hackers can suspend, delete or even deactivate the user’s account. They also restrain the users who try to reactivate their own WhatsApp account.

Also Read:
Telegram just launched two new Web Apps, brings more modern design

Users having enabled the two-factor authentication on their accounts can also be exploited with this security flaw.

Security researcher Luis Márquez Carpintero and Ernesto Canales Pereña claims that there are two primary weaknesses in the app. The first one will enable hackers to get access to the user’s phone number. However, by getting the user’s phone numbers hackers will not be able to get the WhatsApp account because they don’t get the six-digit OTP code WhatsApp will send via SMS.

But, if the hackers will attempt to try the code and multiple attempts of entering the wrong code will restrict the hackers to enter the code on WhatsApp.

After that, the hackers will contact WhatsApp support through an email to deactivate the user’s phone number from the app. Hackers need only a new email address to send the email. In the email, they would only say that their phone was stolen or lost.

WhatsApp will then send a confirmation email to the hackers to which they can immediately acknowledge. With the acknowledgment, the instant messaging app will immediately deactivate the user’s account even if they have enabled the two-factor authentication.

In response, WhatsApp has stated that users can bypass this issue by just linking their email to their WhatsApp account.

“Providing an email address with your two-step verification helps our customer service team assist people should they ever encounter this unlikely problem. The circumstances identified by this researcher would violate our terms of service and we encourage anyone who needs help to email our support team so we can investigate”

There is yet no confirmation from the social media app, whether they are working to fix the issue or not.

Other Trending News:-  News

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post
Redmi Gaming Phone

Here are the leak details about the upcoming Redmi Gaming Phone

Next Post
Geico Reports Fraudsters Accessing its Customers Driver License Numbers

Geico Reports Fraudsters Accessing its Customers Driver License Numbers

Related Posts