A YouTube Video explains that Facebook’s popular social messaging service WhatsApp can potentially and easily be hijacked by anyone if the user isn’t careful enough.
A trick has been discovered recently that allows a person to take control of your WhatsApp account.
This new trick involves using nothing else but the phone number of the target and access to the phone. Even the method of accessing the account is very simple and compatible with all platforms, as explained in a YouTube video.
A hacker firstly tries to setup WhatsApp on the target device/phone using the phone number of the victim. From WhatsApp, the hacker makes a call to that phone number on the victim’s phone and sends that person a PIN that has to be entered in order to authenticate the account. If the hacker manages to access the target phone, he will be able to answer the phone and use the same code to perform certain actions. Since no phone unlocking method is involved in answering the call therefore, no password or PIN can limit the actions of the hacker.
What Happens on iPhone?
The attack worsens on iPhone especially when Siri is also enabled. If a user has configured Siri in a way to work from the lock screen and/or has set up his contact details in Siri’s settings, then this can potentially make their phone vulnerable as everyone can access without any PIN. Thus, even if the person trying to steal the account doesn’t have the phone number of the victim he can easily get it by calling himself from the targeted phone through Siri.
Is it a Flaw?
This is just a trick and not an actual flaw or defect in WhatsApp or Siri. Therefore, it is important to be really cautious while lending your phone number to anyone. Also, never leave your phone unattended for prolonged durations when there are strangers around.
Watch this video how a WhatsApp account can be easily hijacked: