Indian cyber agency flags WhatsApp 'hijack' | India News
Search
Sat, Dec 20, 2025
New Delhi oC

Indian cyber agency flags WhatsApp 'hijack'

PTI |
Published on: Dec 20, 2025 05:49 PM IST

Indian cyber agency flags WhatsApp 'hijack'

New Delhi, Indian cyber security agency CERT-In has flagged a vulnerability in the WhatsApp "device-linking" feature that enables attackers to take "complete" control of an account, including access to real-time messages, photos, and videos on the web version.

Indian cyber agency flags WhatsApp 'hijack'
Indian cyber agency flags WhatsApp 'hijack'

The agency named the issue "GhostPairing" on Friday in an advisory that has been accessed by PTI.

"It has been reported that malicious actors are exploiting WhatsApp's device-linking feature to hijack accounts using pairing codes without authentication requirement.

"This newly identified cyber campaign called GhostPairing enable cyber criminals to take complete control of WhatsApp accounts without needing password or SIM swaps," the advisory said.

A response from WhatsApp to the revelation is awaited.

The Indian computer emergency response team is the national technology arm to combat cyber attacks and guarding of the Indian Internet space.

The advisory said that the "high" severity attack campaign usually begins with the victim receiving a message like "Hi, check this photo" from a "trusted" contact.

The message contains a link with a Facebook-style preview. The link leads to a "fake" Facebook viewer that prompts users to "verify" to see the content. Here, the attackers exploit WhatsApp's "link device via phone number" feature by tricking unsuspecting users into entering their phone numbers, the advisory said.

This way, the victims "unknowingly" grant the attackers full access to their WhatsApp accounts.

The 'GhostPairing' attack tricks users into granting an attacker's browser access, as an additional trusted and hidden device, by using a pairing code that looks authentic.

The advisory said that once the attacker links their device, they get almost the same access as the victim would get on WhatsApp web.

They can read messages that sync to their device, receive new messages in real-time, view photos, videos and voice notes, and they can send messages to the victim's contacts and group chats, the advisory said.

The agency suggested such counter-measures as not clicking suspicious links even if they come from known contacts and not entering one's phone number on external sites claiming to be WhatsApp or Facebook.

This article was generated from an automated news agency feed without modifications to text.

Check for Real-time updates on India News, Weather Today, Latest News on Hindustan Times.
Check for Real-time updates on India News, Weather Today, Latest News on Hindustan Times.
News / India News / Indian cyber agency flags WhatsApp 'hijack'
SHARE THIS ARTICLE ON
SHARE
Copy
close

Join Hindustan Times

Create free account and unlock exciting features like

Newsletters, Alerts and Recommendations Get personalised news and exciting deals Bookmark the stories you want to read later
Already have an account? Sign In
  • mint-logo
  • mint-lounge
  • HT_Auto
  • ht-tech
  • ht-bangla
  • healthshots
  • OTT-icons
  • slurrp-icon
  • ht-kannada
  • ht-tamil
  • ht-telugu
  • ht-marathi
  • Instore Radio - FAB Play
  • vc-circle
  • tech-circle
  • vcc-edge
  • edge-insights
Copyright © 2025 HT Digital Streams Limited. All Rights Reserved.
Story Saved
Live Score
Edit Profile
Saved Articles
Following
My Reads
Sign out
Get App
crown-icon
Subscribe Now!
Copyright © HT Digital Streams Ltd. All rights reserved.
Follow Us On
.affilate-product { padding: 12px 10px; border-radius: 4px; box-shadow: 0 0 6px 0 rgba(64, 64, 64, 0.16); background-color: #fff; margin: 0px 0px 20px; } .affilate-product #affilate-img { width: 110px; height: 110px; position: relative; margin: 0 auto 10px auto; box-shadow: 0px 0px 0.2px 0.5px #00000017; border-radius: 6px; } #affilate-img img { max-width: 100%; max-height: 100%; position: absolute; top: 50%; left: 50%; transform: translate(-50%, -50%); } .affilate-heading { font-size: 16px; color: #000; font-family: "Lato",sans-serif; font-weight:700; margin-bottom: 15px; } .affilate-price { font-size: 24px; color: #424242; font-family: 'Lato', sans-serif; font-weight:900; } .affilate-price del { color: #757575; font-size: 14px; font-family: 'Lato', sans-serif; font-weight:400; margin-left: 10px; text-decoration: line-through; } .affilate-rating .discountBadge { font-size: 12px; border-radius: 4px; font-family: 'Lato', sans-serif; font-weight:400; color: #ffffff; background: #fcb72b; line-height: 15px; padding: 0px 4px; display: inline-flex; align-items: center; justify-content: center; min-width: 63px; height: 24px; text-align: center; margin-left: 10px; } .affilate-rating .discountBadge span { font-family: 'Lato', sans-serif; font-weight:900; margin-left: 5px; } .affilate-discount { display: flex; justify-content: space-between; align-items: end; margin-top: 10px } .affilate-rating { font-size: 13px; font-family: 'Lato', sans-serif; font-weight:400; color: black; display: flex; align-items: center; } #affilate-rating-box { width: 48px; height: 24px; color: white; line-height: 17px; text-align: center; border-radius: 2px; background-color: #508c46; white-space: nowrap; display: inline-flex; justify-content: center; align-items: center; gap: 4px; margin-right: 5px; } #affilate-rating-box img { height: 12.5px; width: auto; } #affilate-button{ display: flex; flex-direction: column; position: relative; } #affilate-button img { width: 58px; position: absolute; bottom: 42px; right: 0; } #affilate-button button { width: 101px; height: 32px; font-size: 14px; cursor: pointer; text-transform: uppercase; background: #00b1cd; text-align: center; color: #fff; border-radius: 4px; font-family: 'Lato',sans-serif; font-weight:900; padding: 0px 16px; display: inline-block; border: 0; } @media screen and (min-width:1200px) { .affilate-product #affilate-img { margin: 0px 20px 0px 0px; } .affilate-product { display: flex; position: relative; } .affilate-info { width: calc(100% - 130px); min-width: calc(100% - 130px); display: flex; flex-direction: column; justify-content: space-between; } .affilate-heading { margin-bottom: 8px; } .affilate-rating .discountBadge { position: absolute; left: 10px; top: 12px; margin: 0; } #affilate-button{ flex-direction: row; gap:20px; align-items: center; } #affilate-button img { width: 75px; position: relative; top: 4px; } }