Tool can change WhatsApp status of others (update)

It is possible to change the status of any WhatsApp user. A hacker has set up a site that abuses a vulnerability in the chat application. Filling in a phone number and an update is enough to change the status.

On the website WhatsAppStatus.net, entering a mobile phone number and a text changes the WhatsApp status of the user with that phone number. This concerns the status shown in the contact list. The website is not a hoax, the unknown hacker warns, and a trial by Tweakers.net confirms that.

Changing the status works in all cases, although the application must first be closed before it shows the new status update. Sometimes a force close is necessary. The website makes use of a vulnerability in the WhatsApp protocol: status updates are changed on WhatsApp's XMPP servers, and due to a lack of authentication any status can be changed.

The builder of the tool is probably a Dutchman: the site is hosted by the Dutch company LeaseWeb, and the sample telephone number that the tool displays starts with '+31', the Dutch country code.

It is notable that WhatsApp was already notified of the vulnerability halfway through September. The vulnerability became public in December, but it is unlikely that the discoverer of the leak is also the creator of the tool. The security researchers also discovered that some messages were sent as plain text and that it was possible to get the registration to work via brute force. WhatsApp has taken steps to solve that last problem, making a successful attack unlikely.

According to the hacker, this is one of the major security issues of WhatsApp. What the problems with the free chat application would be is unknown. Previously, a reader of Tweakers.net discovered that WhatsApp stores messages unencrypted. Shortly before that, an error in WhatsApp's SMS verification made it possible to send messages for others to read.

Update, 11:08: Meanwhile, it appears that in many cases the tool does not work. This may be the result of the surge in visits to the site.

