Cybersecurity often feels like déjà vu—new attacks surface, but the underlying tactics remain familiar. The latest case in point is a campaign dubbed “GhostPairing”, where cybercriminals are exploiting WhatsApp’s device linking process to gain unauthorized access to user accounts.
According to Gen Digital—the parent company of Norton, Avast, and AVG—this attack is essentially a phishing variation designed to trick users into handing over their login credentials. Here’s how it unfolds:
🚨 How the GhostPairing Attack Works
- You receive a WhatsApp message from one of your trusted contacts.
- The message claims a photo of you has been found online, accompanied by a link.
- The link preview appears to show a Facebook page, but it actually leads to a fraudulent site.
- The fake site prompts you to “verify your account” to view the photo.
- You’re asked to enter your phone number.
- Meanwhile, the attacker initiates a login attempt on WhatsApp using your number.
- A legitimate verification code is sent to your phone.
- The fake site then requests this code.
- If you provide it, the attacker captures the code and completes the device linking process.
🎭 Why Victims Fall for It
The deception works because victims believe they’re verifying their account for Meta’s security purposes. In reality, they’re unknowingly completing WhatsApp’s legitimate login process on behalf of the attacker.
🕵️ What Hackers Gain
Once inside, attackers can:
- Access all your existing and incoming messages.
- Impersonate you by sending messages to your contacts.
- Expand the phishing cycle by targeting others in your network for sensitive data.
For Latest Tech Updates Please follow us :
facebook | twitter | instagram | telegram | whatsapp
