Skip to main content

WhatsApp has a massive security problem, but you may be able to avoid it

posted onApril 12, 2021
by l33tdawg
Android Central
Credit: Android Central

WhatsApp has a big security issue right now, and it doesn't seem to be doing much about it. The app has seen its fair share of problems lately, including a mass exodus from the platform after it announced its new privacy policy requiring accounts to be connected to Facebook. It turns out that privacy isn't the only problem WhatsApp has to deal with, not that a huge security flaw has been discovered.

A pair of researchers have uncovered a flaw (via Forbes) that allows attackers to lock anyone out of their WhatsApp account with just their phone number. It works because upon installing the app, the app will ask for a phone number. The attacker can input any number, which will then receive a confirmation text. If your number is at the receiving end of this, you'll notice seemingly unprompted verification texts from WhatsApp that you can't do anything about. And after too many verification attempts, further attempts to log in will be blocked for 12 hours. That shouldn't affect you since you're already logged in, but the real problem comes next.

From there, the attacker can send an email to WhatsApp support asking to deactivate the number due to a lost or stolen phone. Since WhatsApp doesn't know whether or not the phone number truly belongs to the attacker, the support team can comply and deactivate the account, which will force you off the app for the remainder of the 12 hours. The problem is that even if you try to get back on, the attacker can just repeat the process until, eventually, you're completely locked out with no way to attempt to get back into the app.

Source

Tags

Security

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th