What is ‘GhostPairing’, new scam that can ‘hijack’ WhatsApp account without password? | India News
Search
Mon, Dec 22, 2025
New Delhi oC

What is ‘GhostPairing’, new scam that can ‘hijack’ WhatsApp account without password?

ByHT News Desk
Updated on: Dec 22, 2025 10:51 AM IST

GhostPairing enables cybercriminals to gain full access to WhatsApp accounts without requiring passwords or SIM card changes.

The Indian Computer Emergency Response Team (CERT-In) has issued an advisory for Indian WhatsApp users, warning them about a new “device-linking” feature on the social media platform that could allow attackers to ‘hijack’ accounts. It said the newly identified cyber campaign is called ‘GhostPairing’.

The method exploits WhatsApp’s device-linking feature.(REUTERS/File Photo)
The method exploits WhatsApp’s device-linking feature.(REUTERS/File Photo)

The advisory, which carries a ‘high’ severity rating, said the attack begins when the victim receives a message such as “Hi, check this photo”, which can lead to the full ‘hijacking’ of the user’s WhatsApp account. Notably, CERT-In is the country’s key technical body responsible for dealing with cyber attacks and protecting India’s online space.

What is ‘GhostPairing’?

According to CERT-In’s warning, GhostPairing enables cybercriminals to gain full access to WhatsApp accounts without requiring passwords or SIM card changes.

The method exploits WhatsApp’s device-linking feature, allowing attackers to take over accounts by using pairing codes that do not require proper authentication.

Once an account is ‘hijacked’, attackers use it to send messages to the victim’s contacts.

“In a nutshell, the GhostPairing attack tricks users into granting an attacker’s browser access as an additional trusted and hidden device by using a pairing code that looks authentic,” the agency said in the advisory.

How does the ‘hijacking’ work?

The attack begins with a “Hi, check this photo” message sent by a contact that appears trustworthy. The message includes a link that displays a Facebook-style preview.

When clicked, the link opens a fake Facebook viewer asking users to “verify” their identity to view the content. At this stage, attackers misuse WhatsApp’s “link device via phone number” feature by misleading users into entering their phone numbers.

By completing a short and seemingly harmless set of steps, victims unknowingly grant attackers complete access to their WhatsApp accounts. This happens without any password being stolen or any SIM swap, the advisory said.

What can attackers access after ‘hijacking’?

Once an attacker links their device, they gain access similar to WhatsApp Web:

  • They can read messages that are synced to their device
  • They receive new messages in real-time
  • They can view photos, videos, and voice notes
  • They can send messages from the victim’s account
  • They can access personal chats and group conversations

What should you do?

The advisory suggests several steps to reduce the risk of account compromise or takeovers:

  • Do not click on suspicious links, even if they appear to come from known contacts.
  • Never enter your phone number on external websites claiming to be linked to WhatsApp or Facebook.
  • Regularly check Linked Devices on WhatsApp. Open WhatsApp and go to Settings > Linked Devices. If you notice any device you do not recognise, log out of it immediately.

For organisations:

  • Offer security awareness training focused on attacks targeting messaging apps.
  • Implement mobile device management where relevant.
  • Watch for signs of phishing and social engineering attempts.
  • Incident response protocols should be put in place for quick detection and resolution.

Check for Real-time updates on India News, Weather Today, Latest News on Hindustan Times.
Check for Real-time updates on India News, Weather Today, Latest News on Hindustan Times.
News / India News / What is ‘GhostPairing’, new scam that can ‘hijack’ WhatsApp account without password?
SHARE THIS ARTICLE ON
SHARE
Copy
close

Join Hindustan Times

Create free account and unlock exciting features like

Newsletters, Alerts and Recommendations Get personalised news and exciting deals Bookmark the stories you want to read later
Already have an account? Sign In
  • mint-logo
  • mint-lounge
  • HT_Auto
  • ht-tech
  • ht-bangla
  • healthshots
  • OTT-icons
  • slurrp-icon
  • ht-kannada
  • ht-tamil
  • ht-telugu
  • ht-marathi
  • Instore Radio - FAB Play
  • vc-circle
  • tech-circle
  • vcc-edge
  • edge-insights
Copyright © 2025 HT Digital Streams Limited. All Rights Reserved.
Story Saved
Live Score
Edit Profile
Saved Articles
Following
My Reads
Sign out
Get App
crown-icon
Subscribe Now!
Copyright © HT Digital Streams Ltd. All rights reserved.
Follow Us On
.affilate-product { padding: 12px 10px; border-radius: 4px; box-shadow: 0 0 6px 0 rgba(64, 64, 64, 0.16); background-color: #fff; margin: 0px 0px 20px; } .affilate-product #affilate-img { width: 110px; height: 110px; position: relative; margin: 0 auto 10px auto; box-shadow: 0px 0px 0.2px 0.5px #00000017; border-radius: 6px; } #affilate-img img { max-width: 100%; max-height: 100%; position: absolute; top: 50%; left: 50%; transform: translate(-50%, -50%); } .affilate-heading { font-size: 16px; color: #000; font-family: "Lato",sans-serif; font-weight:700; margin-bottom: 15px; } .affilate-price { font-size: 24px; color: #424242; font-family: 'Lato', sans-serif; font-weight:900; } .affilate-price del { color: #757575; font-size: 14px; font-family: 'Lato', sans-serif; font-weight:400; margin-left: 10px; text-decoration: line-through; } .affilate-rating .discountBadge { font-size: 12px; border-radius: 4px; font-family: 'Lato', sans-serif; font-weight:400; color: #ffffff; background: #fcb72b; line-height: 15px; padding: 0px 4px; display: inline-flex; align-items: center; justify-content: center; min-width: 63px; height: 24px; text-align: center; margin-left: 10px; } .affilate-rating .discountBadge span { font-family: 'Lato', sans-serif; font-weight:900; margin-left: 5px; } .affilate-discount { display: flex; justify-content: space-between; align-items: end; margin-top: 10px } .affilate-rating { font-size: 13px; font-family: 'Lato', sans-serif; font-weight:400; color: black; display: flex; align-items: center; } #affilate-rating-box { width: 48px; height: 24px; color: white; line-height: 17px; text-align: center; border-radius: 2px; background-color: #508c46; white-space: nowrap; display: inline-flex; justify-content: center; align-items: center; gap: 4px; margin-right: 5px; } #affilate-rating-box img { height: 12.5px; width: auto; } #affilate-button{ display: flex; flex-direction: column; position: relative; } #affilate-button img { width: 58px; position: absolute; bottom: 42px; right: 0; } #affilate-button button { width: 101px; height: 32px; font-size: 14px; cursor: pointer; text-transform: uppercase; background: #00b1cd; text-align: center; color: #fff; border-radius: 4px; font-family: 'Lato',sans-serif; font-weight:900; padding: 0px 16px; display: inline-block; border: 0; } @media screen and (min-width:1200px) { .affilate-product #affilate-img { margin: 0px 20px 0px 0px; } .affilate-product { display: flex; position: relative; } .affilate-info { width: calc(100% - 130px); min-width: calc(100% - 130px); display: flex; flex-direction: column; justify-content: space-between; } .affilate-heading { margin-bottom: 8px; } .affilate-rating .discountBadge { position: absolute; left: 10px; top: 12px; margin: 0; } #affilate-button{ flex-direction: row; gap:20px; align-items: center; } #affilate-button img { width: 75px; position: relative; top: 4px; } }