Security warnings about a new wave of targeting WhatsApp users.

تحذيرات أمنية من موجة استهداف جديدة لمستخدمي "واتساب"

A new scam has recently spread on WhatsApp called “GhostPairing.” This process exploits the legitimate linked devices feature in the application, allowing attackers to link their browser or desktop application to the victim’s account without the need to steal the password or replace the SIM card. Once the attacker’s device is linked, they can monitor conversations and download media, while the account continues to function normally, making it difficult to detect the breach.

This scam turns the ease of linking into a means of attack. WhatsApp allows linking the account to a web or desktop application by approving a QR code or entering a special numeric linking code. In the “GhostPairing” process, attackers trick the user into completing the approval step themselves, resulting in the attacker’s browser being registered as a trusted device linked to the account without the owner’s knowledge.

There are two main versions of this scam, and the version that relies on the numeric code is preferred because it works even if the victim and the fraudulent page are on the same phone.

The process starts with a text message from a known contact, often an already compromised account. The message includes an attractive phrase such as “I found your picture!”. The link leads to a fake web page that asks for “follow” or “verify” to view the image. Then, the phone number is directed to the legitimate WhatsApp linking process, which generates a linking code. When the code is entered into WhatsApp, the attacker’s browser is registered as a new device without the account owner’s knowledge.

After linking, the malicious device functions exactly like WhatsApp Web, where it can view synchronized conversations, receive new messages, and download photos, videos, and voice notes. This does not mean hacking end-to-end encryption, but rather tricking the user into including the attacker within the authorized devices.

This scam allows permanent access to conversations and media, and may be used to impersonate the victim to deceive other contacts and spread the fraud more widely. Reports indicate that this method is becoming more widespread, as attackers rely on numeric code linking interfaces that can be implemented on the same device used by the victim. (اليوم السابع)

You May Also Like

Russian Robot: “Immense Potential to Change the Balance of Power on Land and Sea!”

Leaks Reveal: Samsung’s S26 Surprise Focuses on Privacy and Artificial Intelligence

Innovative Initiative: Integrating Data Centers into Schools Redefines Artificial Intelligence

Xiaomi Prepares to Compete with Leading Android Phones by Launching its New Phone

Tecno Announces Its Newest Phone

The Classic Version of Instagram is Retiring… Statement from the Platform’s Founder

Download Mobile App

New Posts