GhostPairing: The New Threat to WhatsApp Users
CERT-In has issued a warning about a vulnerability in WhatsApp's device-linking feature known as 'GhostPairing.' This flaw allows attackers to seize control of user accounts, accessing messages, photos, and videos. The attack starts with a misleading message and link, leading to unauthorized account access.
- Country:
- India
In a startling revelation, India's leading cyber security agency, CERT-In, has identified a critical vulnerability in WhatsApp's device-linking feature. Dubbed 'GhostPairing,' this flaw empowers cybercriminals to commandeer user accounts, gaining access to messages and multimedia on the web version.
The newly discovered threat, revealed in an advisory accessed by PTI, exploits WhatsApp's device-linking feature by using pairing codes without the need for standard authentication steps. The attackers send deceptive messages, such as 'Hi, check this photo,' luring victims into entering their phone numbers on false sites.
Once an attacker's device is linked, they can fully access the user's account. The CERT-In advisory advises users to avoid clicking on dubious links or entering phone numbers on unverified platforms. A response from WhatsApp is anticipated.
(With inputs from agencies.)
ALSO READ
Tragedy Strikes: Fatal Tiger Attack Near Kerala-Karnataka Border
Sonia Gandhi Denounces MGNREGA Repeal as Attack on Rural India
Taiwan Attack Raises Security Measures Amid Rare Violent Crime
By weakening MGNREGA, Modi govt has attacked interests of crores of farmers, labourers, and landless across country: Sonia Gandhi.
Shockwaves in Taipei: Knife and Smoke Grenade Attacks Stun City
Google News