GhostPairing: The New Threat to WhatsApp Users
CERT-In has issued a warning about a vulnerability in WhatsApp's device-linking feature known as 'GhostPairing.' This flaw allows attackers to seize control of user accounts, accessing messages, photos, and videos. The attack starts with a misleading message and link, leading to unauthorized account access.
- Country:
- India
In a startling revelation, India's leading cyber security agency, CERT-In, has identified a critical vulnerability in WhatsApp's device-linking feature. Dubbed 'GhostPairing,' this flaw empowers cybercriminals to commandeer user accounts, gaining access to messages and multimedia on the web version.
The newly discovered threat, revealed in an advisory accessed by PTI, exploits WhatsApp's device-linking feature by using pairing codes without the need for standard authentication steps. The attackers send deceptive messages, such as 'Hi, check this photo,' luring victims into entering their phone numbers on false sites.
Once an attacker's device is linked, they can fully access the user's account. The CERT-In advisory advises users to avoid clicking on dubious links or entering phone numbers on unverified platforms. A response from WhatsApp is anticipated.
(With inputs from agencies.)
ALSO READ
Fear and Flight: Iran Under Siege Amid U.S.-Israel Attacks
Escalating Tensions: UAE Intercepts Iranian Missiles, Reacts to Attack
Cancelled Flights: UAE-Bound Journeys Disrupted Amid US-Israel Iran Attack
Brazil Urges Restraint Amid US-Israel Attacks on Iran
Saudi Arabia say Iran launched a 'blatant and cowardly' attack on Riyadh and eastern region that it repelled, reports AP.
Google News