CERT-In warns of ‘ghostpairing’ attack targeting whatsApp users, flags high-risk account takeovers
New Delhi: India’s national cybersecurity agency, the Indian Computer Emergency Response Team (CERT-In), has issued a high-severity alert warning WhatsApp users of an active account takeover campaign using a new technique known as “GhostPairing," in an advisory released on December 19.
CERT-In said cybercriminals are exploiting WhatsApp’s device-linking feature to gain unauthorised access to user accounts without the need for passwords or SIM card swaps, as reported by The Indian Express. The attackers, the agency warned, deceive users into entering pairing codes, which silently grants control of the account to a malicious device.
ALSO READ: Teen killed in alleged honour killing over inter-community relationship, brother, his friend arrest
According to CERT-In, the GhostPairing method works by tricking victims into approving an attacker’s browser as a trusted linked device. The advisory said, “The attack manipulates users into granting access through a pairing code that appears legitimate." It further added that once access is granted, attackers can fully operate the account through WhatsApp Web.
Last month, the Department of Telecommunications directed messaging platforms such as WhatsApp, Signal and Telegram to implement continuous SIM binding which required accounts to remain linked to an active SIM card. As part of this directive, companion web sessions are expected to be logged out periodically and re-authenticated using QR codes.
CERT-In said the GhostPairing campaign typically begins with a message appearing to come from a trusted contact, often reading, “Hi, check this photo”. The message contains a link designed to mimic a Facebook-style preview, and clicking the link leads users to a fake verification page, where they are prompted to enter their phone number and a code. Victims unknowingly allow attackers to link their WhatsApp account to an external device, by completing these steps,.
Once compromised, attackers can access messages, photos, videos and voice notes in real time, and can impersonate the victim to send messages to individual contacts or groups, the agency said.
The advisory also noted that WhatsApp currently allows multiple devices to be linked to a single account, a feature that is being misused in such attacks. In October, the Indian Cybercrime Coordination Centre under the Ministry of Home Affairs had flagged a related trend involving scammers using social media advertisements to lure users into linking their WhatsApp accounts.
While the government’s SIM-binding push is intended to limit such fraud, it has raised concerns among legal experts and digital rights groups, who argue that constant SIM verification, could affect privacy and disrupt multi-device usage, particularly for professionals.
To reduce risk, CERT-In has urged users to avoid clicking on suspicious links, even if they appear to come from known contacts, and to never enter phone numbers or verification codes on external websites claiming to be linked to WhatsApp or Facebook. Users have also been advised to regularly review the “Linked Devices” section within WhatsApp settings and immediately log out of any unfamiliar sessions.
For organisations relying on WhatsApp for communication, the agency has recommended security awareness training, closer monitoring for phishing attempts, and the establishment of clear response protocols to detect and contain account compromises quickly.
Let the Truth be known. If you read VB and like VB, please be a VB Supporter and Help us deliver the Truth to one and all.
MP traffic cop suffers burn injuries during Congress' effigy-burning protest; probe ordered
Maihar (MP) (PTI): A traffic policeman suffered severe burn injuries in Madhya Pradesh's Maihar district on Friday after his uniform caught fire during Congress' effigy-burning protest targeted at some ministers, prompting the police to file an FIR and launch an investigation into the incident, an official said.
The protest took place at Agrasen Tiraha in Maihar city, he said.
Traffic policeman, Vikram Pathak, who was on duty at that time, suffered severe burn injuries as petrol carried in a bottle by the protesters fell on his uniform and it caught fire.
Congress workers were burning an effigy while raising slogans against state ministers Rajendra Shukla (Health), Vijay Shah (Tribal Affairs), and Kailash Vijayvargiya (Parliamentary Affairs).
While the opposition party has been targeting Shah for his controversial remarks made last year against Col Sofia Qureshi, it has been demanding the resignations of Shukla and Vijayvargiya over the deaths of people due to contaminated water in Indore.
As the protesters tried to set the effigy on fire, petrol got sprinkled on Pathak's uniform, and it caught fire. The blaze quickly spread to his back and lower body, causing panic during the protest, eyewitnesses said.
A video of the incident also went viral, showing a stampede-like situation soon after the fire.
The police personnel and locals present at the scene acted swiftly and extinguished the fire using blankets and water. The injured traffic policeman was immediately taken to Maihar Civil Hospital, where he is undergoing treatment, the official said.
Doctors said he suffered severe burn injuries, but is out of danger.
Taking serious cognisance of the matter, the police launched an investigation, he said.
An FIR has been registered based on the video footage, and the role of those involved in the protest is being investigated, the official said.
Police are also investigating the circumstances under which flammable material was used during the effigy- burning protest.
Following the accident, additional police force was deployed at the protest site and the surrounding area.
Superintendent of Police Awadhesh Kumar and Collector Rani Batad described the incident as serious and assured strict action against those involved in it.
"A demonstration was being carried out by the Congress, and during the effigy-burning, some petrol was spilled on the uniform of Vikram Pathak, the in-charge on duty, after which it suddenly caught fire and caused burn injuries to him," SP Kumar said.
An investigation is being conducted on the basis of the video, he said.
Madhya Pradesh BJP chief Hemant Khandelwal said in Bhopal, "I have spoken to the policeman and offered my prayers. There is a way to protest. Whatever happened is not right.
