Indian Cyber Agency Warns of WhatsApp 'GhostPairing' Hack Attack

Image Source: Internet

A high-severity cyber threat has been identified by India's CERT-In agency, which affects WhatsApp users worldwide. The 'GhostPairing' vulnerability allows attackers to hijack accounts without needing passwords or SIM swaps. According to the advisory, malicious actors exploit WhatsApp's device-linking feature by tricking users into entering their phone numbers on fake Facebook viewer sites. This grants the attackers access to messages, photos, videos, and voice notes, as well as the ability to send messages to contacts and group chats. The agency warns users to be cautious when clicking suspicious links, even if they come from trusted contacts, and not to enter their phone numbers on external sites claiming to be WhatsApp or Facebook. A response from WhatsApp is still awaited.