Various features that are put into use for a useful job in the first place in applications such as WhatsApp can deviate from their purpose and harm the user experience. A vulnerability discovered by global cybersecurity consultant Jake Moore is a recent example of this and can disable WhatsApp accounts with just one email.
Can WhatsApp’s stolen and lost phones feature be abused?
Jake Moore showed in a tweet that the support feature used by WhatsApp for stolen and lost phones has the potential to deviate from its purpose. Moore, following the steps in the platform’s help center, said “Stolen/Lost Phone: Please deactivate my account” and sent the phone number to the WhatsApp support mail, saying that his account was disabled without any verification.
I tried it on my test device. It worked! pic.twitter.com/WH5T2oa8W7
— Jake Moore (@JakeMooreUK) July 17, 2023
The cyber security consultant, who tried this vulnerability on his own test device and got positive results, reveals that although it seems useful at first, the feature is open to abuse. In short, anyone can deactivate any WhatsApp account by following the steps above.
Of course, deactivating the account does not mean that it is completely deleted. In other words, even if you are faced with such a situation, you can access all your data by logging in within 30 days. However, it is worth noting that if you exceed this period, your account will be permanently deleted.
So what do you think about this subject? Don’t forget to share your views with us in the comments section!
59938
