Threat actors are exploiting WhatsAppβs device-linking feature through a campaign called GhostPairing, which allows them to hijack accounts without requiring authentication. This attack enables access to chat history and media, and can lead to impersonation and fraud, spreading beyond Czechia to other regions. #GhostPairing #WhatsAppHijack
Keypoints
- Threat actors use fake links and fake Facebook pages to initiate GhostPairing attacks on WhatsApp accounts.
- The attack involves tricking victims into entering a pairing code, granting hackers full access to their accounts.
- Victims often remain unaware of unauthorized devices linked to their WhatsApp, increasing the danger.
- Security measures like checking linked devices and enabling two-factor authentication are recommended for protection.
- The campaign has been first identified in Czechia but poses a threat to other regions due to its propagation methods.