WhatsApp, the Facebook-owned instant messaging platform has been in trouble over fake news issue. The company has also been facing legal issues in India, with the government asking WhatsApp to develop a solution to trace the origin of messages, among other issues. Now, WhatsApp seems to be facing yet another problem where hackers have found a way to hijack your account. Also Read - WhatsApp users can download PAN card, Driving License, Class X certificate, vehicle RC on their phone: Here's howAlso Read - WhatsApp to drop support for iOS 10, iOS 11 soon: Check affected iPhone models
According to a report on ZDNet, the Israel National Cyber Security Authority has issued an alert, cautioning WhatsApp users that their accounts can be hacked. Targeted at users with voicemail accounts, the report claims that the hacking system works when users are using services from the mobile service providers. Also Read - WhatsApp announces Cloud API for large business, confirms Premium service for SMBs
Majority of users who have voicemail activated, have their passwords set either 0000 or 1234. Using this flaw, hackers can easily hijack your WhatsApp account by adding your number to a new WhatsApp account using a different smartphone. But how exactly does this work? The cyber security authority has offered some clarity around it.
Bar-Zik, an Israeli web developer said that WhatsApp has a security protocol where it will send an SMS code to the given handset number for authentication purposes. However, this layer can be skipped when the user is not around the smartphone.
After several failed attempts to get the SMS code, WhatsApp will verify the account using voice verification. At this point, a call will be made to the user s number, and one-time code will be spoken out loud. If the user does not answer the call, it will go to voicemail. To get this code, the hacker can simply enter the code and get going. This will allow hackers to use your WhatsApp account and number without any permissions. The hacker can then enable two-step verification (in case you don t already have it enabled), and lock out the original user from accessing the account.
So, what s the solution? To being with, security experts recommend using a complex password for your voicemail account. Secondly, you should also enable two-step verification for your WhatsApp account to make it extra secure, and add a layer of protection.