Code Defence Cyber security

CERT-In Warning: “GhostPairing” Attack Targets WhatsApp Accounts in the Region

The Indian Computer Emergency Response Team (CERT-In) has issued a high-priority advisory for “GhostPairing.” This sophisticated social engineering attack tricks users into authorizing a malicious “Linked Device” via counterfeit verification sites, granting attackers total, persistent access to chat history and contacts without logging the user out.

Business Impact

This is a significant risk for corporate communication in Bahrain and India. Attackers use the hijacked “Ghost” sessions to message work contacts, requesting sensitive files or financial transfers while appearing as a trusted colleague. Because the primary device stays logged in, the victim often remains unaware of the compromise for weeks.

Why It Happened

Attackers exploit the “Link with Phone Number” feature. They lure victims to sites that promise “Age Verification” or “Photo Unlocks,” prompting them to enter a pairing code that actually authorizes the attacker’s server.

Recommended Executive Action

Mandate a “Linked Device Audit” for all staff. Employees should navigate to WhatsApp Settings > Linked Devices and log out of any unrecognized sessions. Enforce a policy that sensitive business information should never be shared via personal messaging apps.

Hashtags: #WhatsApp #GhostPairing #SocialEngineering #CERTIn #MobileSecurity #Privacy #InfoSec
