Why in the news?

• The Telangana Cyber Security Bureau (TGCSB) has released an advisory alerting citizens regarding Ghost Pairing attacks.

Ghost Pairing

• What is it?:
  • Ghost pairing is a social-engineering–based cyberattack in which fraudsters secretly link a victim’s WhatsApp account to the attacker’s device.
  • This allows attackers to access messages, media, and contacts in real time, without hacking the phone or SIM card.
• How Does it Work:
  • Impersonation: Attacker pretends to be a known contact, bank official, tax authority, or government agency.
  • Bait Message: Victim receives messages like “Check this photo” or “Your account will be blocked” containing malicious links.
  • Urgency & Panic Creation: Psychological pressure through threats such as account suspension or number deactivation.
  • Verification Trap: Victim is tricked into approving a WhatsApp device-linking request or sharing a pairing/verification code.
  • Silent Takeover: Attacker’s device is linked as a companion device, granting full WhatsApp access without immediate alerts.
• Key Features:
  • Neither SIM swap required nor password cracking involved.
  • Applicable across WhatsApp, Telegram, and similar messaging apps
  • Enables real-time surveillance and data extraction
  • Attack fails unless the victim clicks a link or approves pairing.

Source: The Hindu