Messaging Giant WhatsApp has been found with a new Vulnerability which could allow Attackers to Suspend your account remotely using your phone Number. According to Security researchers who found this flaw on messaging App , The vulnerability can be exploited even if you've enabled two-factor authentication (2FA) for your WhatsApp account.
Forbes reported this vulnerability first by which security researcher found that flaw exist on the instant messaging app due to two fundamental weakness.
The First weakness allow the attacker to enter to your mobile number on WhatsApp installed on his Mobile. This will , of course not give access of WhatsApp account unless Attacker gets Six digit registration code you will get on your Mobile. But Multiple sign in from attacker's side will restrict code entries on his mobile phone for 12 hours.
So by multiple failures they will try to communicate with WhatsApp support and deactivate your mobile number from app. What they need is a new email address and a simple email stating that the phone has been stolen or lost. In response to that email, WhatsApp will ask for a confirmation that the attacker will quickly provide from their end. This will deactivate your WhatsApp account . You won't be able to avoid that deactivation by using 2FA on your WhatsApp account as the account has apparently been deactivated through the email sent by the attacker.
In regular deactivation case you can access your account by getting 6 digit registration number , but as Attacker's multiple failure blocked the code entries for next 12 hours. And the attacker can repeat the same process of failed sign in attempt to restrict your access.
You'll only have the option to get your WhatsApp account back by contacting the messaging app over email.
WhatsApp has massive user base of more than 2 Billion active user over globe and more than 400 million active user in India. Most of the user aren't likely to have their e-mail addresses registered with their account at this moment.
How to be Safe
As per WhatsApp's advice User could avoid this problem by providing their email address with two step verification. (2FA).
THANK YOU TO READ THIS BLOG
0 Comments
THANK YOU