Have you ever thought about losing your Whatsapp account permanently? A simple system failure allows the attacker to take users down even from a distance and without any contact with the victim. The information is from Tech Tudo.
Read Also
- Rodolfo Hernández distances himself from Víctor López, a strategist associated with Nayib Bukele Jun 2, 2022
- They reveal that Vicente Fernández suffers from Guillain-Barré syndrome Aug 20, 2021
- The first details of the Samsung Galaxy Tab S8 are filtered, and there would be up to three models | Technology May 30, 2021
- Sony wants to use AI to improve the gaming experience on PlayStation May 26, 2021
- Covid: five tech devices to keep environments clean and disinfected Sep 21, 2021
- Neymar was humiliated in a duel against the best freestyler in the world: his unmissable reaction May 27, 2022
- Hanouna-Boyard altercation: The LFI deputy filed a complaint for “insult” Nov 23, 2022
For this to happen, the hacker simply needs to have the user’s mobile number and inform the application that the account has been stolen. After carrying out some processes, he is able, in a digital way, to have the account deleted.
The vulnerability was reported last Saturday (10), by cybersecurity researchers Luis Márquez Carpintero and Ernesto Canales Pereña. For them, the first serious vulnerability of the app is the possibility to log in with any phone number, even if the user is not the owner of the line.
Because of these and other security breaches, a person may not be able to re-establish their account after it has been stolen. Even with another device, the phone number would not work in the application and it would be necessary to create a new account, this time with a different number.
WhatsApp sent a note to Tech Tudo, in which it reports that the practical practice addressed by the two researchers violates the terms of use of the application. In addition, the note also points out that the registration of the email requested during the activation of the two-step verification is essential for the real owner of the account to be identified by the company before the block.
Despite the note, the app did not disclose whether it intends to make changes to remedy the security breach.
.
