Warning issued to WhatsApp users! Be wary of the new GhostPairing attack.
Security experts have identified a new WhatsApp takeover scam known as GhostPairing, which allows attackers to access victims’ contacts, photos, and messages without the need for stolen passwords or SIM-swapping. Stephen Kho, a cyber security expert from Avast, explained that this method deceives users into completing what appears to be a normal verification step. Completing that step links the attacker’s device to the victim’s account through WhatsApp’s pairing feature, without the victim intending it.
GhostPairing messages typically seem to originate from trusted contacts and may include prompts like “Hey, I found your photo,” accompanied by a clickable link. This link directs users to a counterfeit “Facebook-style page” that requests account verification. Once victims comply, they receive a legitimate sharing code, which enables the attacker’s browser to become an authenticated, linked device. Consequently, the attacker gains full access to the victim’s messages, photos, and voice notes, while the victim remains unaware of the breach.
