Use WhatsApp all the time just like the rest of us? Then you may want to keep an eye on a unique Whatsapp hack loophole discovered in its account recovery method. In the investigation, they found that it’s possible for an attacker to completely suspend your WhatsApp account.
And the scary bit is that your Whatsapp account can be hacked or suspended. And all the attacker needs is your phone number. Yes, it does sound kind of scary and awkward that how can someone take your account down just with your Whatsapp registered phone number.
Whatsapp hack? How?
This might sound a little too easy but the attackers who might wanna trouble you just need your phone number to get the job done. They use two separate vectors to sabotage your Whatsapp account. The attacker installs WhatsApp on a new device and enters your number to activate the chat service.
They can’t verify it, because of course, the two-factor authentication system is sending the login prompts to your phone instead. After multiple repeated and failed attempts, your login is locked for 12 hours. With your account locked, the attacker sends a support message to WhatsApp from their email address.
Claiming that their (your) phone has been lost or stolen and that the account associated with your number needs to be deactivated. WhatsApp “verifies” this with a reply email, and suspends your account without any input on your end.
The attacker can repeat the process several times in succession to create a semi-permanent lock on your account. This Whatsapp Hack is a proof of concept from a pair of security researchers, Luis Márquez Carpintero and Ernesto Canales Pereña.
Using this method the would be attackers can only block you out. The results are disturbing, but this method can’t be used to actually gain access to an account. Confidential text messages and contacts are not exposed.