Experts found a new Whatsapp messenger vulnerability, which allows you to block the account, writes forbes.
So, the attackers use two “weak points” of the application, namely binding to the phone number and the ability to deprive the user access to the account by writing an appeal to the support service. When entering the phone number in the service, the service requests the confirmation code, which is usually sent in the SMS message or by calling. Incompleteners are inserted incorrect code, and then request new, while whatsapp will not block the ability to reset the code for twelve hours.
The scammers send a request in support of the messenger with a request to block the account due to the loss of the phone, pointing to the phone number of the victim.
Experts see the problem in the fact that WhatsApp automatically processes such requests and does not check whether the request really sends a real account owner.
User can try to restore access after the expiration of twelve hours if the fraudster does not have time to run the entire procedure again.
Forbes Obz Dofman Observer emphasizes that the owner may forever lose access to the account. He explained that if the attacker provokes the launch of the twelve-hour report three times, then for the third time the messenger will ask for a second time. After that, sending an invoice by the invinitor can block the account forever. In this case, you will have to contact Whatsapp specialists.