Today, privacy is one of the most crucial things to get secure in this world, especially when we have to believe someone else by sharing all our personal details.
Social media platforms like Whatsapp, Instagram, and Facebook play a major role, where almost everybody trusts blindly while sharing such a piece of crucial information. These all billionaires’ companies keep changing their privacy policy, disclaimer, and terms and conditions; however, no user using this platform reads that.
That’s why we here to tell you, all you have to. Whatsapp is the only platform in the world currently, where all users blindly do every personal and professional kind of stuff, and that makes hackers to do attacks on it to retrieve all user’s information.
What’s the security issue?
Therefore, Whatsapp recently changed its security to make its platform more secure. There is a new issue, or can say, the bug in Whatsapp by which anyone with the “Poor Hacking Skills” and with your mobile number can easily delete your account without knowing you and without your confirmation.
What can a hacker gain?
With this bug, of course, the attacker won’t acquire any of the user information and access to the user’s WhatsApp data, but you will definitely lose your account and end up losing all your chat data. And next time when you try to open WhatsApp, you have to create a new one.
As per the one report of Forbes, it is stated that security researchers Ernesto Canales and Luis Márquez Carpintero found that it is quite easy to block a user’s WhatsApp account by entering multiple times 2FA (Two Factor Authentication) code.
When the attacker attempts multiple times 2FA code, then automatically Whatsapp blocks the account for 12 hours. Then the attacker takes advantage by registering a new email id and requests Whatsapp to change their email address by giving the reason for the phone being stolen.
In this case, the Whatsapp support team, without any other verification from users, deletes the user account.
Sounds scary, right! But don’t worry, it is not that easy in real life. Because every time a user tries to enable two-factor authentication, it requires the OTP sent by Whatsapp. This particular means that the attacker must have access to your device to get that 2FA OTP. So the second step might sound easy for you, but the first one is not.
So to actually make this attack workable, the attacker has to know you and has the trust of you to access your device to get the OTP. Of course, you probably think that a remote attack is also a possible option for an attacker. But, no attacker chooses a remote attack just to delete someone’s WhatsApp account as it is very painful and risky.
Whatsapp adds a new two-factor authentication to safeguard that lets you know whenever someone is trying to open your account on another device to improve security. That’s why you can see continuous and not removable notifications by Whatsapp while using Desktop Whatsapp.
