Terms of use, privacy terms, and other documents that you must approve before using applications or operating systems are commonly known to be “read by no one.” Only the most hardened individuals go through long documents to the end, a fraction of users force themselves to at least click on their beginning, and give up studying the “legal text” after a while. It is important to click on consent, and few people know what they are actually agreeing to after ticking the box.
Even so, the item that has long been enshrined in WhatsApp’s terms of use sounds incredible. Virtually anyone could delete a WhatsApp account on any phone number used anywhere in the world. All you had to do was send WhatsApp a short email with the phrase in the body “Lost/Stolen: Please deactivate my account” (in translation “Lost/Stolen: Please deactivate my account”), which you added with your phone number. Practically on the wrist, the entire WhatsApp account was completely deleted for the given number.
Have you seen this screen once or regularly on WhatsApp? It would mean that someone misused the feature embedded in the user terms and conditions, thanks to which they deleted your WhatsApp account. A quick re-registration was required to restore data
There would be nothing surprising about this if this procedure could not use by anyone from any email address in the world, and perhaps “just for fun” even with your number. The received e-mails were reviewed by a robot that did not verify the information and immediately deleted the accounts. Then the message that the account was deleted arrived in the e-mail box. However, if you wanted to restore your data and stay in chat groups, you had to quickly re-register with WhatsApp. However, a possible attacker could use the same “trick” endlessly and delete your user account practically every day.
No one knows how long this method has existed
This incredible hole in WhatsApp’s terms of use was discovered by Jako Moore, employed at ESET. After the release, there was apparently a large increase in abuse of the service, exactly as Moore outlined on Twitter. And the ice was moving. During further attempts, the automatic machine stopped deleting accounts, but the developers switched to a new control mechanism. In order to be able to delete a number on WhatsApp again, you must provide proof that you are its owner, e.g. from an operator’s service invoice.
According to many, this feature has been embedded in WhatsApp’s terms of service for many years, and nobody noticed it until now. And if he happened to notice, there could be targeted attacks on users, the content of which was the regular deletion of accounts that could not be prevented. And who knows what might be hidden in the terms of use of other mobile applications? For example, we recently dug into Android’s terms of service, and it wasn’t a pretty read…
Introducing Chat Lock in WhatsApp:
Source: Jake Moore
2023-07-20 15:58:52
#reads #terms #delete #elses #WhatsApp #account #send #short #email