New WhatsApp flaw can let cyberattackers deactivate account using user's phone number
By MYBRANDBOOK
As per reports, the new security flaw in WhatsApp can let cybercriminals suspend the account of any user using their phone number.
The attackers apparently do not need any information about the user other than his phone number. At the time the report was pushed out, there was no solution for the issue. However, the attacker can only get the user's account blocked but not gain access to it.
The first ones to discover the dangerous flaw were security researchers Luis Márquez Carpintero and Ernesto Canales Pereña. While this sounds like an impossible thing to do, the researchers have found that the attackers first download WhatsApp on their phones and try to log in using the victim's mobile number. When that is being done, WhatsApp's two-factor authentication system immediately sends a code to the victim's phone number. This prohibits the attacker to gain access to the account, but he keeps repeating the process. Due to several failed login attempts, WhatsApp disables login for 12 hours. This stops both the victim and attacker to log in to their WhatsApp account for 12 hours.
The next thing that the attackers do is email WhatsApp, asking them to deactivate or suspend the phone number of the victim. The attacker does not mention that it has logged the user out of the account but claims that the victim's phone has been lost or stolen. WhatsApp without cross-checking or asking for any inputs from the victim deactivates the WhatsApp account. If the process is repeated, WhatsApp can lock the account permanently.
Singapore to remove One-Time Passwords from Bank Accounts
According to the Monetary Authority of Singapore, clients who utilise secur...
Is 375 million Airtel subscribers database breached?
When a hacker claims to have accessed and put up for sale a customer databa...
The government of India intends to construct a single portal f
A single portal will be launched by the Indian government to list all of it...
OpenAI offers GPT-4o, a faster model available to all users at
GPT-4o, a faster and more sophisticated AI model, is made available to all...
Icons Of India : CP Gurnani
Former Managing Director and CEO of the well-known IT service company ...
Icons Of India : MUKESH D. AMBANI
Mukesh Dhirubhai Ambani is an Indian businessman and the chairman and ...
Icons Of India : Arundhati Bhattacharya
Arundhati Bhattacharya serves as the Chairperson and CEO of Salesforce...
GeM - Government e Marketplace
GeM is to facilitate the procurement of goods and services by various ...
EESL - Energy Efficiency Services Limited
EESL is uniquely positioned in India’s energy sector to address ener...
PFC - Power Finance Corporation Ltd
PFC is a leading financial institution in India specializing in power ...
Indian Tech Talent Excelling The Tech World - PADMASREE WARRIOR, Founder, President & CEO - Fable
Padmasree Warrior, the Founder, President, and CEO of Fable, is revolu...
Indian Tech Talent Excelling The Tech World - Lal Karsanbhai, President & CEO, Emerson
Lal Karsanbhai, President and CEO of Emerson, assumed the leadership i...
Indian Tech Talent Excelling The Tech World - Vinod Dham, Founder & Executive Managing Partner, IndoUS Venture Partners
Vinod Dham, known as the “Father of the Pentium Chip,” has left an...