Ghost Pairing: Hackers are taking control of accounts using Ghost Pairing. How can you protect yourself?
Despite messaging app WhatsApp's claims of providing security to its users, cybercriminals are not hesitating to exploit its vulnerabilities. Recently, a major security flaw in WhatsApp has been exposed, allowing hackers to gain control of people's WhatsApp accounts. The Indian government's Computer Emergency Response Team (CERT-In) recently issued a major alert and advisory. In the alert, the response team described this WhatsApp vulnerability as 'Ghost Pairing' and also suggested ways to prevent it. In this explainer, we will tell you what Ghost Pairing is and what you, as a WhatsApp user, should do to protect yourself from it.
What did CERT-In say in the advisory?
The Computer Emergency Response Team (CERT-In) advisory states that hackers are misusing WhatsApp's device linking feature to hijack people's accounts. Surprisingly, in Ghost Pairing, hackers are taking over accounts without user authentication. According to the advisory, in this type of hacking, accounts are compromised without the hacker knowing the password or performing a SIM swap, and the WhatsApp user remains completely unaware.
What is the 'Ghost Pairing' scam, and how is it being carried out?
CERT-In has described this as a campaign run by hackers, in which people are sent a photo from a number they know. The message asks them to open and view the photo. Many users have reported receiving messages like "Hi, please open and view this photo." This message shows a preview similar to a Facebook post, and clicking on it redirects to a website. Seeing the message from a known number, people click to view the photo.
After this, the user is asked to 'verify' to view the photo. This is where the real game of hacking your WhatsApp begins. It's worth noting that WhatsApp offers a WhatsApp Web feature to use WhatsApp in a browser. This allows you to pair your smartphone by scanning a QR code or entering your phone number. As soon as you enter your phone number, your WhatsApp account is paired with that device. Then, you start seeing all the messages received on your phone on that device. Hackers are using this very feature of WhatsApp to gain access to your WhatsApp account. You receive a message asking you to enter your phone number for verification, and as soon as you enter your number, your WhatsApp account is synced with the hacker's device. Then, all the WhatsApp messages you receive become visible to the hacker.
The surprising thing is that the user doesn't even realize that their WhatsApp account has been hacked. WhatsApp doesn't have any technology to inform the user that someone else is reading their messages. This is why this type of hacking is called 'Ghost Pairing'.
What kind of damage can Ghost Pairing cause?
The most frightening aspect of this type of hacking is that once the hacker gains access to your account, they start targeting the numbers in your contact list. Other people think that you have sent them the message, and they, too, fall into this vicious cycle of hacking by entering their number in the link. Now, let's understand what kind of damage this hacking called Ghost Pairing can cause.
Nowadays, people receive alerts for everything from shopping to banking on WhatsApp. Many people share their personal information, such as passwords, Aadhaar card photocopies, and bank details, on WhatsApp when needed. If your account is hacked, the hacker can read all these messages and even compromise your bank account. They can also demand ransom by threatening to leak confidential information. If the hacker reaches others through your number, then it becomes difficult to stop them.
What should you do to protect yourself from Ghost Pairing?
The Computer Emergency Response Team has suggested some simple but very important ways to protect yourself from this threat. To protect themselves, WhatsApp users are advised to follow these important steps:
First, do not click on any unknown links or photos, even if they are sent by someone you know.
If you are suspicious of a message from a friend, call them to confirm.
Also, regularly check your WhatsApp settings to ensure your account isn't logged in on another device:
Click on the three dots in the upper-right corner of your WhatsApp screen.
Go to the Linked Devices option.
If you see any device (such as Chrome, Windows, or an unknown phone) that you haven't linked, tap on it and log out immediately.
Disclaimer: This content has been sourced and edited from Amar Ujala. While we have made modifications for clarity and presentation, the original content belongs to its respective authors and website. We do not claim ownership of the content.

