Cybersecurity researchers Luis Marquez Carpintero and Ernesto Canales Perenya have discovered a vulnerability that allows attackers to block a WhatsApp account if they have a victim’s phone number.
The scheme is as follows. The attacker asks for a code to log into the account and deliberately enters the wrong one. After several attempts, the account will be locked for 12 hours. After that, he registers a new email address and sends a letter to the messenger’s support service with a request to deactivate the number due to the loss or theft of the account. WhatsApp will not verify the authenticity of the request and will automatically disable the number.
The user can activate the account again after 12 hours of freeze. However, an attacker can still permanently block the account by repeating the above steps twice more.
According to Forbes, WhatsApp is not committed to solving the problem. The messenger of this recommended that users enable two-factor authentication and bind an email address so that the support representatives know from which address you can email.
WhatsApp believes that the likelihood that attackers will exploit the vulnerability is extremely small. Hackers seek to gain access to the account and its contents, not block it.
ProApk on Telegram – https://t.me/proapk_in
ProApk on Google News – https://news.google.com/publications/CAAqBwgKMP_S9AowhYDbAg
ProApk on Twitter – https://twitter.com/xdapirates
ProApk on Facebook – https://facebook.com/www.proapk.in