Summary: The Indian Computer Emergency Response Team (CERT-In) has issued a high-severity alert for “GhostPairing.” This attack tricks users into granting an attacker’s browser access as a “trusted hidden device” via social engineering links that mimic Facebook or internal photo viewers.
Business Impact: Critical for corporate communication. Attackers can read messages in real-time, exfiltrate voice notes, and impersonate executives to authorize fraudulent transfers (BEC).
Why It Happened: Exploits the user’s trust in “Linked Devices” and the bypass of multi-factor authentication (MFA) once a device is initially paired. The surge in holiday greeting messages provided the perfect cover for these malicious links.
Recommended Executive Action: Mandate a “Linked Devices Audit” for all staff. Employees should navigate to WhatsApp Settings > Linked Devices and log out of any unrecognized sessions. Implement SIM-binding where possible.
Hashtags: #WhatsApp #GhostPairing #SocialEngineering #CERTIn #MobileSecurity
