A new hacking method called “GhostPairing” endangers the security of WhatsApp users by subtly exploiting trust between friends and relatives. Let’s discover how these cybercriminals manage to infiltrate your private conversations without you noticing.
The 3 key facts not to miss
- GhostPairing uses an apparently innocuous message from a trusted contact to access your WhatsApp account.
- The hackers seize your data by hijacking an authentic WhatsApp pairing code.
- This scam spreads quickly by exploiting trust between users, making it difficult to detect.
GhostPairing: a formidable scam on WhatsApp
The new hacking technique, nicknamed GhostPairing, was revealed by Gen, the parent company of Norton and Avast. It involves exploiting a legitimate WhatsApp feature, allowing hackers to infiltrate without needing passwords. The process starts with sending an intriguing message such as “Hi, I found your photo” from a trusted contact.
By clicking on the link contained in the message, the user is directed to a page mimicking Facebook that requests the entry of a code. This code is actually an authentic WhatsApp pairing code, thus giving hackers full access to your account.
How hackers access your personal data
After entering the code, users unknowingly allow an unknown device to connect to their WhatsApp account. From then on, hackers can read messages, access contacts, and browse photos without leaving visible traces on the victim’s phone.
This infiltration method is particularly insidious because it does not rely on hacking security systems but on exploiting user behavior. Hackers use WhatsApp as it is designed, making detection extremely complex for unsuspecting users.
Rapid spread and potentially serious consequences
GhostPairing spreads at an alarming rate. Cybercriminals replicate the booby-trapped message to other contacts of the victim, fueling a hacking chain that extends on a large scale. The absence of visible signs of intrusion makes this scam particularly dangerous.
The consequences can be disastrous: identity theft, blackmail, and other personalized scams. This attack highlights the need to strengthen user vigilance against suspicious messages, even when they come from seemingly reliable sources.
WhatsApp: a popular and vulnerable communication tool
WhatsApp, owned by the Meta group, is one of the most used messaging applications in the world, with billions of users. Its popularity makes it a prime target for cybercriminals seeking to exploit its features for malicious activities.
The messaging service was designed to offer fast and secure communication, but flaws like the one exploited by GhostPairing highlight the ongoing challenges in digital security. Users are encouraged to remain vigilant and never click on suspicious links, even if they seem to come from trusted contacts.