THe amerind computing machine pinch Response team up (CERT-In) has issued an consultative for Indian WhatsApp users, warning them about a new “device-linking” feature on the social media platform that could allow attackers to ‘hijack’ accounts. It said the newly identified cyber campaign is called ‘GhostPairing’.The advisory, which carries a ‘high’ severity rating, said the attack begins when the victim receives a message such as “Hi, check this photo”, which can lead to the full ‘hijacking’ of the user’s WhatsApp account. Notably, CERT-In is the country’s key technical body responsible for dealing with cyber attacks and protecting India’s online space.What is ‘GhostPairing’?According to CERT-In’s warning, GhostPairing enables cybercriminals to gain full access to WhatsApp accounts without requiring passwords or SIM card changes.The method exploits WhatsApp’s device-linking feature, allowing attackers to take over accounts by using pairing codes that do not require proper authentication.Once an account is ‘hijacked’, attackers use it to send messages to the victim’s contacts.“In a nutshell, the GhostPairing attack tricks users into granting an attacker’s browser access as an additional trusted and hidden device by using a pairing code that looks authentic,” the agency said in the advisory.How does the ‘hijacking’ work?The attack begins with a “Hi, check this photo” message sent by a contact that appears trustworthy. The message includes a link that displays a Facebook-style preview.When clicked, the link opens a fake Facebook viewer asking users to “verify” their identity to view the content. At this stage, attackers misuse WhatsApp’s “link device via phone number” feature by misleading users into entering their phone numbers.By completing a short and seemingly harmless set of steps, victims unknowingly grant attackers complete access to their WhatsApp accounts. This happens without any password being stolen or any SIM swap, the advisory said.What can attackers access after ‘hijacking’?Once an attacker links their device, they gain access similar to WhatsApp Web:They can read messages that are synced to their deviceThey receive new messages in real-timeThey can view photos, videos, and voice notesThey can send messages from the victim’s accountThey can access personal chats and group conversationsWhat should you do?The advisory suggests several steps to reduce the risk of account compromise or takeovers:Do not click on suspicious links, even if they appear to come from known contacts.Never enter your phone number on external websites claiming to be linked to WhatsApp or Facebook.Regularly check Linked Devices on WhatsApp. Open WhatsApp and go to Settings > Linked Devices. If you notice any device you do not recognise, log out of it immediately.For organisations:Offer security awareness training focused on attacks targeting messaging apps.Implement mobile device management where relevant.Watch for signs of phishing and social engineering attempts.Incident response protocols should be put in place for quick detection and resolution.
Global News Perspectives
In today's interconnected world, staying informed about global events is more important than ever. ZisNews provides news coverage from multiple countries, allowing you to compare how different regions report on the same stories. This unique approach helps you gain a broader and more balanced understanding of international affairs. Whether it's politics, business, technology, or cultural trends, ZisNews ensures that you get a well-rounded perspective rather than a one-sided view. Expand your knowledge and see how global narratives unfold from different angles.
Customizable News Feed
At ZisNews, we understand that not every news story interests everyone. That's why we offer a customizable news feed, allowing you to control what you see. By adding keywords, you can filter out unwanted news, blocking articles that contain specific words in their titles or descriptions. This feature enables you to create a personalized experience where you only receive content that aligns with your interests. Register today to take full advantage of this functionality and enjoy a distraction-free news feed.
Like or Comment on News
Stay engaged with the news by interacting with stories that matter to you. Like or dislike articles based on your opinion, and share your thoughts in the comments section. Join discussions, see what others are saying, and be a part of an informed community that values meaningful conversations.
Download the Android App
For a seamless news experience, download the ZisNews Android app. Get instant notifications based on your selected categories and stay updated on breaking news. The app also allows you to block unwanted news, ensuring that you only receive content that aligns with your preferences. Stay connected anytime, anywhere.
Diverse News Categories
With ZisNews, you can explore a wide range of topics, ensuring that you never miss important developments. From Technology and Science to Sports, Politics, and Entertainment, we bring you the latest updates from the world's most trusted sources. Whether you are interested in groundbreaking scientific discoveries, tech innovations, or major sports events, our platform keeps you updated in real-time. Our carefully curated news selection helps you stay ahead, providing accurate and relevant stories tailored to diverse interests.
No comments yet.