China suspends energy projects in Sri Lankan islands located close to India over 'security concern'
Colombo, Dec 3: China has suspended a project to install hybrid energy plants in three islands of Sri Lanka, citing "security concern" from a "third party", amid reports of India raising concern over its location.
In January, the Chinese firm, Sino Soar Hybrid Technology, was awarded the contract to install a hybrid renewable energy system in Delft, Nagadeepa and Analthivu islands, off the coast of Jaffna, according to a report in newsfirst.lk news website published on Thursday.
The three islets are located close to Tamil Nadu.
Without naming India, the Chinese embassy here in a tweet on Wednesday confirmed that "Sino Soar Hybrid Technology, being suspended to build Hybrid Energy system in 3 northern islands Flag of Sri Lanka due to 'security concern' from a third party".
Instead, it added, Beijing has inked a contract with Male on November 29 to establish solar power plants at 12 islands in the Maldives.
According to the newsfirst.lk report, in early 2021, India lodged a "strong protest" with Lanka on the award of the tender to the Chinese company for the construction of renewable energy power plants in Delft, Nagadeepa and Analthivu.
The contract was part of the Supporting Electricity Supply Reliability Improvement Project, which is implemented by the Ceylon Electricity Board (CEB) and funded by the Asian Development Bank (ADB), it said.
Last month, the Lankan government awarded the state-run China Harbour Engineering Company the contract to develop Colombo Port's eastern container terminal, months after it scrapped a tripartite deal with India and Japan to build the deep-sea container port.
China is one of the biggest investors in various infrastructure projects in Sri Lanka under Beijing's controversial Belt and Road Initiative (BRI). But there has been criticism, both locally and internationally, and growing concerns that China has lured Sri Lanka into a debt trap.
The island nation in 2017 handed over the strategically important Hambantota port to a state-run Chinese firm for a 99-year lease as a debt swap amounting to USD 1.2 billion.
Let the Truth be known. If you read VB and like VB, please be a VB Supporter and Help us deliver the Truth to one and all.
CERT-In warns of ‘ghostpairing’ attack targeting whatsApp users, flags high-risk account takeovers
New Delhi: India’s national cybersecurity agency, the Indian Computer Emergency Response Team (CERT-In), has issued a high-severity alert warning WhatsApp users of an active account takeover campaign using a new technique known as “GhostPairing," in an advisory released on December 19.
CERT-In said cybercriminals are exploiting WhatsApp’s device-linking feature to gain unauthorised access to user accounts without the need for passwords or SIM card swaps, as reported by The Indian Express. The attackers, the agency warned, deceive users into entering pairing codes, which silently grants control of the account to a malicious device.
ALSO READ: Teen killed in alleged honour killing over inter-community relationship, brother, his friend arrest
According to CERT-In, the GhostPairing method works by tricking victims into approving an attacker’s browser as a trusted linked device. The advisory said, “The attack manipulates users into granting access through a pairing code that appears legitimate." It further added that once access is granted, attackers can fully operate the account through WhatsApp Web.
Last month, the Department of Telecommunications directed messaging platforms such as WhatsApp, Signal and Telegram to implement continuous SIM binding which required accounts to remain linked to an active SIM card. As part of this directive, companion web sessions are expected to be logged out periodically and re-authenticated using QR codes.
CERT-In said the GhostPairing campaign typically begins with a message appearing to come from a trusted contact, often reading, “Hi, check this photo”. The message contains a link designed to mimic a Facebook-style preview, and clicking the link leads users to a fake verification page, where they are prompted to enter their phone number and a code. Victims unknowingly allow attackers to link their WhatsApp account to an external device, by completing these steps,.
Once compromised, attackers can access messages, photos, videos and voice notes in real time, and can impersonate the victim to send messages to individual contacts or groups, the agency said.
The advisory also noted that WhatsApp currently allows multiple devices to be linked to a single account, a feature that is being misused in such attacks. In October, the Indian Cybercrime Coordination Centre under the Ministry of Home Affairs had flagged a related trend involving scammers using social media advertisements to lure users into linking their WhatsApp accounts.
While the government’s SIM-binding push is intended to limit such fraud, it has raised concerns among legal experts and digital rights groups, who argue that constant SIM verification, could affect privacy and disrupt multi-device usage, particularly for professionals.
To reduce risk, CERT-In has urged users to avoid clicking on suspicious links, even if they appear to come from known contacts, and to never enter phone numbers or verification codes on external websites claiming to be linked to WhatsApp or Facebook. Users have also been advised to regularly review the “Linked Devices” section within WhatsApp settings and immediately log out of any unfamiliar sessions.
For organisations relying on WhatsApp for communication, the agency has recommended security awareness training, closer monitoring for phishing attempts, and the establishment of clear response protocols to detect and contain account compromises quickly.
