New WhatsApp flaw can let cyberattackers deactivate account using user's phone number
By MYBRANDBOOK
As per reports, the new security flaw in WhatsApp can let cybercriminals suspend the account of any user using their phone number.
The attackers apparently do not need any information about the user other than his phone number. At the time the report was pushed out, there was no solution for the issue. However, the attacker can only get the user's account blocked but not gain access to it.
The first ones to discover the dangerous flaw were security researchers Luis Márquez Carpintero and Ernesto Canales Pereña. While this sounds like an impossible thing to do, the researchers have found that the attackers first download WhatsApp on their phones and try to log in using the victim's mobile number. When that is being done, WhatsApp's two-factor authentication system immediately sends a code to the victim's phone number. This prohibits the attacker to gain access to the account, but he keeps repeating the process. Due to several failed login attempts, WhatsApp disables login for 12 hours. This stops both the victim and attacker to log in to their WhatsApp account for 12 hours.
The next thing that the attackers do is email WhatsApp, asking them to deactivate or suspend the phone number of the victim. The attacker does not mention that it has logged the user out of the account but claims that the victim's phone has been lost or stolen. WhatsApp without cross-checking or asking for any inputs from the victim deactivates the WhatsApp account. If the process is repeated, WhatsApp can lock the account permanently.
Microsoft to build a new data centre to support Thailand's tec
Microsoft has revealed intentions to construct a regional data centre as w...
SAP launches cloud services to help Indian scaleups innovate m
SAP at SAP unveils now "GROW with SAP for Scaleups," a new cloud service d...
Denodo and Sonata form alliance to unlock data-to-value creati
Denodo and Sonata Information Technology India Limited (SITL) have annou...
Google Play Store will now let users download two apps simulta
Google Play Store now lets users download two apps simultaneously. While a...
EXIDE INDUSTRIES LTD.
JUVAS SOLUTIONS PVT. LTD.
TVS ELECTRONICS LTD.
GLOBUS INFOCOM LTD.
Technology Icons Of India 2023: Sridhar Vembu
Sridhar Vembu is an Indian billionaire business magnate and the Founde...
Technology Icons Of India 2023: Kumar Mangalam Birla
Aditya Birla Group chairman Kumar Mangalam Birla’s return to Vodafon...
Technology Icons Of India 2023: Amitabh Kant
Amitabh Kant is presently the G20 Sherpa of India during its Presidenc...
Leading company into fertilizers in the country
NFL is a dynamic organization committed to serve the farming community...
STPI encouraging software exports from India
Software Technology Parks of India (STPI) is an S&T organization under...
BSE provides highly secure, efficient and transparent market for trading
BSE (formerly known as Bombay Stock Exchange Ltd.) is Asia's first & t...
SUPERTRON ELECTRONICS PVT. LTD.
Supertron deals in servers, laptops, components, accessories and is a...
TEXONIC INSTRUMENTS
Texonic has carved a niche for itself in the Technology Distribution i...
R P TECH INDIA
R P Tech is recognized for its diverse products portfolio, value-add...