{"id":26685,"date":"2025-12-21T00:47:54","date_gmt":"2025-12-21T00:47:54","guid":{"rendered":"http:\/\/tezgyan.com\/index.php\/2025\/12\/21\/whatsapp-users-haunted-by-new-horror-story-as-cert-in-warns-of-ghostpairing-risk-tech-news\/"},"modified":"2025-12-21T00:47:54","modified_gmt":"2025-12-21T00:47:54","slug":"whatsapp-users-haunted-by-new-horror-story-as-cert-in-warns-of-ghostpairing-risk-tech-news","status":"publish","type":"post","link":"https:\/\/tezgyan.com\/index.php\/2025\/12\/21\/whatsapp-users-haunted-by-new-horror-story-as-cert-in-warns-of-ghostpairing-risk-tech-news\/","title":{"rendered":"WhatsApp Users Haunted By New Horror Story As CERT-In Warns Of ‘GhostPairing’ Risk | Tech News"},"content":{"rendered":"


\n<\/p>\n

\n

Last Updated:<\/span>

The exploit allows malicious actors to take ‘complete’\u00a0control of a user’s WhatsApp account without needing a password, an OTP, or a physical SIM swap<\/h2>\n
\n
\"CERT-In<\/p>\n

CERT-In has urged all Indian ‘Digital Nagriks’ to exercise extreme caution when receiving unsolicited links, even from known contacts. Representational image<\/p>\n<\/figure>\n<\/div>\n

India\u2019s premier cybersecurity agency, CERT-In (Indian Computer Emergency Response Team), has issued a high-severity advisory regarding a critical vulnerability in WhatsApp\u2019s device-linking feature. Dubbed \u201cGhostPairing”, the exploit allows malicious actors to take \u201ccomplete” control of a user\u2019s WhatsApp<\/a> account without needing a password, an OTP, or a physical SIM swap.<\/p>\n

By leveraging this flaw, attackers can gain real-time access to a victim\u2019s entire chat history, including sensitive photos, videos, voice notes, and live messages on the web version of the platform.<\/p>\n

The Anatomy of the \u2018GhostPairing\u2019 Attack<\/h4>\n

According to the CERT-In advisory issued on December 19, the attack is primarily a social engineering campaign that abuses legitimate WhatsApp features. The sequence typically begins with a deceptive message sent from a \u201ctrusted” contact\u2014whose account has likely already been compromised. The message often uses an enticing hook, such as \u201cHi, check this photo of you”, accompanied by a link that displays a Facebook-style preview to build immediate trust.<\/p>\n

When a user clicks the link, they are redirected to a fraudulent \u201cverification” page that mimics the official Facebook or WhatsApp Web interface. Here, the attackers employ two main variants to compromise the account:<\/p>\n

The Pairing Code Variant:<\/strong> The fake site prompts the user to enter their phone number. Behind the scenes, the attacker initiates a legitimate \u201cLink with Phone Number” request on their own browser. WhatsApp then generates an 8-digit pairing code, which the attacker relays back to the fake site. The victim, believing this is a standard security check, enters the code into their WhatsApp app, unknowingly authorising the attacker\u2019s browser as a \u201ctrusted” device.<\/p>\n

The QR Code Variant:<\/strong> In some cases, the phishing site embeds a real-time QR code from the attacker\u2019s WhatsApp Web session. If the victim scans this code from their mobile app to \u201cverify” their identity, the attacker is instantly logged in.<\/p>\n

Why It Is Highly Dangerous<\/h4>\n

The \u201cghost” nature of this pairing is its most lethal characteristic. Because the attack uses the official Linked Devices protocol, it does not trigger a \u201cNew Login” alert that would typically require a secondary OTP. The victim\u2019s primary phone continues to function normally, with no forced logout, allowing the attacker to remain a silent observer for days or even weeks.<\/p>\n

During this time, they can monitor all incoming and outgoing communication and even impersonate the user to spread the \u201cGhostPairing” lure to the victim\u2019s entire contact list and group chats.<\/p>\n

How to Protect Your Account<\/h4>\n

CERT-In has urged all Indian \u201cDigital Nagriks” to exercise extreme caution when receiving unsolicited links, even from known contacts. To secure your account:<\/p>\n

Audit Your Devices:<\/strong> Go to Settings > Linked Devices in your WhatsApp app. If you see any unfamiliar browser or operating system (e.g., \u201cGoogle Chrome \u2013 macOS” when you only use Windows), log it out immediately.<\/p>\n

Enable Two-Step Verification (2SV):<\/strong> Set up a custom 6-digit PIN in your account settings. This adds a critical layer of protection that a paired device cannot easily bypass.<\/p>\n

Never Pair Externally:<\/strong> Never scan a QR code or enter a pairing code on a non-official website. Genuine WhatsApp pairing only ever happens between your phone and an official WhatsApp application or web.whatsapp.com.<\/p>\n

First Published:<\/span><\/p>\n
\n

December 21, 2025, 05:53 IST<\/p>\n<\/div>\n<\/div>\n

News<\/a> tech<\/a> WhatsApp Users Haunted By New Horror Story As CERT-In Warns Of ‘GhostPairing’ Risk<\/span><\/div>\n
\n
\n
Disclaimer: Comments reflect users\u2019 views, not News18\u2019s. Please keep discussions respectful and constructive. Abusive, defamatory, or illegal comments will be removed. News18 may disable any comment at its discretion. By posting, you agree to our Terms of Use<\/a> and Privacy Policy<\/a>.<\/div>\n<\/div>\n<\/div>\n

Read More<\/span><\/p>\n<\/div>\n


\n
Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Last Updated:December 21, 2025, 05:53 IST The exploit allows malicious actors to take ‘complete’\u00a0control of a user’s WhatsApp account without needing a password, an OTP, or a physical SIM swap CERT-In has urged all Indian ‘Digital Nagriks’ to exercise extreme caution when receiving unsolicited links, even from known contacts. Representational image India\u2019s premier cybersecurity agency,…<\/p>\n","protected":false},"author":1,"featured_media":24206,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[49],"tags":[],"class_list":["post-26685","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tech"],"_links":{"self":[{"href":"https:\/\/tezgyan.com\/index.php\/wp-json\/wp\/v2\/posts\/26685","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tezgyan.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tezgyan.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tezgyan.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/tezgyan.com\/index.php\/wp-json\/wp\/v2\/comments?post=26685"}],"version-history":[{"count":0,"href":"https:\/\/tezgyan.com\/index.php\/wp-json\/wp\/v2\/posts\/26685\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/tezgyan.com\/index.php\/wp-json\/wp\/v2\/media\/24206"}],"wp:attachment":[{"href":"https:\/\/tezgyan.com\/index.php\/wp-json\/wp\/v2\/media?parent=26685"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tezgyan.com\/index.php\/wp-json\/wp\/v2\/categories?post=26685"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tezgyan.com\/index.php\/wp-json\/wp\/v2\/tags?post=26685"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}