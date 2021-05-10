WhatsApp glitch locks any account in a few minutes! | Pixabay

Everything seems to indicate that a failure within the app WhatsApp allows you to block any account in a few minutes and unfortunately we can do almost nothing to prevent it, so keep reading so that this does not happen to you.

As you will remember, WhatsApp is the instant messaging platform most used in most of the world, with more than 2 billion users, and it is for this reason that the discovery of a vulnerability that allows blocking any account with only the phone number is extremely worrying.

Forbes has announced a few weeks ago the discovery of a WhatsApp failure by security researchers Luis Márquez Carpintero and Ernesto Canales Pereña which allows blocking an account only with the phone number, in a process that is very easy and that anyone with bad intentions can perform.

According to the researchers, a user with bad intentions can achieve the suspension of any WhatsApp account for at least 12 hours, in just a couple of minutes.

The attacker only has to request the activation of the account with the telephone number to be affected, as when WhatsApp is installed on a new mobile device.

It is worth mentioning that the attacker will not be able to verify the account because he will not receive the message with the activation code.

However, after several unsuccessful attempts, the login will be locked for 12 hours, and this is where the “crafty” part of the lock comes in.

With the login blocked, the attacker will only have to send an email to WhatsApp support to request the blocking of the account, under the pretext that the mobile device where the account is active was stolen or lost.

WhatsApp does not corroborate the email from which this message is sent and simply blocks the account, as requested.

This is how the user will see their WhatsApp account deactivated on their smartphone, without knowing why, and cannot log in again due to the 12-hour lockout.

After 12 hours have passed, the attacker can perform the same procedure again and thus chain several locks on the account, without the user being able to do anything.

In addition, after three times carrying out the process, the WhatsApp account will go into a failure that no longer shows a countdown to request a login code again, but is stuck at -1 second.

At this point, the only thing the user can do is contact WhatsApp technical support and hope that someone can help solve the solution.

It is important to mention that access to the account information is not achieved, however, that does not diminish the importance of the situation, since it is very simple how anyone can block access to a WhatsApp account, only knowing the number.

Fortunately, there is a way to avoid this block, and that is that a WhatsApp spokesperson told Forbes that activating the two-step verification will erase the possibility of achieving this block in the account.

The support team will verify that the email from which the account blocking request is received is the same as the one registered in the two-step verification, and since it does not match, it will not proceed with the suspension of the account.

However, despite the usefulness of registering an email in an account with WhatsApp’s two-step verification, it does not prevent the attack, since it can be started and it will be when you get to the part of requesting suspension for theft / loss that will stop with the help of the support team.