Security News WhatsApp GhostPairing Lets Scammers Hijack Accounts Without Stealing Passwords

Parkinsond

Level 63
Thread author
Verified
Top Poster
Well-known
Dec 6, 2023
5,261
16,396
6,169
Instead of breaking into the service directly, the scam abuses WhatsApp’s legitimate device-linking feature and relies on a victim being persuaded to approve a new connected device.

The risk is serious because a linked device can allow an attacker to read messages, monitor conversations, impersonate the account owner, and approach contacts with urgent requests.

GhostPairing begins with deception rather than a technical exploit. Scammers contact targets through messages, social-media posts, fake support requests, or other convincing pretexts, then guide them toward a QR code or linking request that appears harmless.

Users should treat unexpected QR codes, requests to scan a code, and instructions to “verify” or “secure” an account as warning signs.

WhatsApp does not need users to link an unfamiliar device to keep an account active, and any request that creates urgency should be verified through a separate, trusted channel.

The most important defensive step is to review the Linked Devices section in WhatsApp settings and immediately remove any session that is unfamiliar.