A potential security flaw in WhatsApp has been identified, which could enable a hacker to remotely suspend your WhatsApp account using your phone number. Due to a serious error, this loophole was said to have persisted in the app for a long time.
A hacker could remotely deactivate your account and prevent you from accessing it again, putting billions of WhatsApp users at risk. Even if you use two-factor authentication (2FA) for your WhatsApp account, this security bug may be exploited, according to reports.
The bug occurs due to two fundamental vulnerabilities, according to security researchers Luis Márquez Carpintero and Ernesto Canales Perea.
The hacker will get your phone number by exploiting the first flaw. The hacker will not be able to enter your WhatsApp account because they will not have access to the 6-digit code you will receive on your phone.
Multiple failed attempts with the wrong code, on the other hand, would prevent the hacker from entering codes into his WhatsApp app. The intruder will then contact WhatsApp help to get your phone number deactivated from the app. Only a new email address and a simple email stating that the phone has been lost or stolen are needed.
In reply, the hacker will receive a confirmation email from WhatsApp, to which they can quickly reply. Even if you have two – factor authentication allowed, this will deactivate your account.
Users can prevent this security flaw by registering their email addresses on their WhatsApp accounts, according to WhatsApp.
“Providing an email address as part of the two-step authentication allows our customer service team to help individuals in the unlikely event that they run into this problem. We encourage anyone who needs assistance to contact our support team so we can examine the issue found by this researcher, and we urge anyone who needs help to email our support team so we can investigate.”