The Center for Forecasting Criminal Threats and Public Security Risks of the Committee for Legal Statistics and Special Records of the General Prosecutor’s Office warns of a new cyber threat related to the WhatsApp messenger.
According to foreign sources, cybercriminals have launched a new scheme for taking over WhatsApp accounts. This method, known as “GhostPairing,” does not require password hacking, SIM card swapping, or sophisticated technical attacks. Instead, unauthorized access to WhatsApp is gained legitimately by activating the feature for linking additional devices.
The scheme is simple: a message disguised as coming from Facebook or WhatsApp is sent to users, redirecting them to fake websites that visually replicate the interfaces of Facebook or WhatsApp.
To “confirm access to content,” the fake website prompts users to enter their phone number and a verification code. As a result, the attacker is automatically added to the victim’s account as a trusted linked device, gaining full access to WhatsApp — including reading messages, viewing media files, contacts, sending messages, and accessing the photo gallery. Meanwhile, the victim’s phone continues to function normally, raising no suspicion.
The only way to detect a WhatsApp takeover is to manually check the “Linked Devices” section. Any unknown device connection indicates a compromise and must be removed immediately.
Be vigilant and follow cybersecurity best practices:
The cost of one mistake is full control over your private correspondence.
Source: Center for Forecasting Criminal Threats and Public Security Risks, Committee for Legal Statistics and Special Records of the General Prosecutor’s Office.
