WhatsApp users warned of GhostPairing scam hijacking accounts

Suomi

Hackers are targeting WhatsApp users with a new GhostPairing scam that allows full account access without cracking passwords or encryption safeguards. The scam bypasses traditional authentication methods, posing a significant risk to user privacy and security. Users are advised to check the Linked Devices section to detect any compromises.

A new cyber threat has emerged targeting WhatsApp users through the GhostPairing scam, as reported by TechRadar. This sophisticated attack enables hackers to gain complete control over accounts without needing to break passwords or the app's encryption protections. The method exploits vulnerabilities in the linking process, allowing unauthorized devices to pair invisibly with the victim's account.

According to the report, the scam is particularly dangerous because it does not trigger standard security alerts. WhatsApp's built-in safeguards, such as two-factor authentication, remain intact, yet hackers can still access messages, contacts, and other sensitive data. The publication emphasizes that the Linked Devices section within the app is the only reliable tool for users to identify and revoke suspicious pairings.

No specific details on the scam's origins or affected regions were provided, but the warning urges all WhatsApp users to regularly review their linked devices. This incident highlights ongoing challenges in securing messaging platforms against evolving phishing and pairing exploits. TechRadar published the alert on December 21, 2025, advising immediate vigilance to prevent account hijackings.

Liittyvät artikkelit

IT expert Supangat warns of Lebaran digital scams via WhatsApp and SMS in a press conference illustration.
AI:n luoma kuva

IT expert warns of digital scams ahead of Lebaran

Raportoinut AI AI:n luoma kuva

Ahead of Idul Fitri, IT expert from Untag Surabaya, Supangat, urges the public to heighten vigilance against scams via WhatsApp and SMS. Rising digital transactions are exploited by cybercriminals. Vida founder Niki Santo Luhur identifies two main methods: phishing and malware prevalent in Indonesia.

GhostPairing: WhatsApp Hijacking Threat

Security researchers, first reporting via TechRadar in December 2025, warn WhatsApp's 3 billion users of GhostPairing—a technique tricking victims into linking attackers' browsers to their accounts, enabling full access without breaching passwords or end-to-end encryption.

Silent Whisper vulnerability exposes WhatsApp users to secret tracking

Raportoinut AI

A new security flaw known as Silent Whisper puts billions of WhatsApp and Signal users at risk. Attackers can monitor activity without detection, leading to battery drain and revelation of daily routines. An expert has created a tool that exploits this vulnerability to spy on users undetected.

Teknologia

Experts warn of PayPal subscription abuse for fake emails

Teknologia

Photo ID apps leak user data affecting over 150,000

Teknologia

Fake IT support scam infects company devices with Havoc malware

Beware of fake delivery SMS that know your exact address

Scammers are now sending highly personalized SMS posing as delivery personnel, including victims' names, addresses, and sometimes access codes. These messages, tied to recent data breaches, lead to fake sites designed to steal personal information. Authorities advise against clicking links and checking directly with official services.

Hacked prayer app sends surrender messages to Iranians amid strikes

Raportoinut AI

A prayer app popular in Iran was hacked to send push notifications urging users to surrender as Israeli and US strikes targeted the country. The messages promised amnesty and stated that help was on the way. Residents in Tehran and other cities reported explosions in the early hours of Saturday morning.

Attackers hijack Linux Snap Store apps to steal crypto phrases

Cybercriminals have compromised trusted Linux applications on the Snap Store by seizing expired domains, allowing them to push malware that steals cryptocurrency recovery phrases. Security experts from SlowMist and Ubuntu contributor Alan Pope highlighted the attack, which targets established publisher accounts to distribute malicious updates impersonating popular wallets. Canonical has removed the affected snaps, but calls for stronger safeguards persist.

Coalition urges Google to reverse Android developer verification policy

Raportoinut AI

More than 40 organizations, including Proton, Tor, and AdGuard, have called on Google to abandon a new verification policy for Android developers. They describe it as an 'alien security model' that threatens anonymity and the privacy ecosystem. The appeal highlights concerns over reduced developer privacy in app distribution.

18. maaliskuuta 2026 22.56

New DarkSword tool targets hundreds of millions of iPhones

11. maaliskuuta 2026 20.37

Meta launches parent-managed WhatsApp accounts for children under 13

11. maaliskuuta 2026 06.28

Meta announces new scam protection features

11. maaliskuuta 2026 02.47

Dutch intelligence accuses Russia of hacker attacks on WhatsApp and Signal

14. helmikuuta 2026 13.45

Scammers target Trezor and Ledger users with fake mail letters

25. tammikuuta 2026 15.11

OpenAI users targeted by scam emails and vishing calls

23. tammikuuta 2026 19.20

Custom vishing kits target SSO accounts worldwide

23. tammikuuta 2026 02.03

Huge data leak exposes 149 million credentials without protection

15. tammikuuta 2026 04.11

Flaw in Google Fast Pair devices allows hackers to eavesdrop

14. tammikuuta 2026 06.04

Hackers hijack LinkedIn comments to spread malware

 

 

 

Tämä verkkosivusto käyttää evästeitä

Käytämme evästeitä analyysiä varten parantaaksemme sivustoamme. Lue tietosuojakäytäntömme tietosuojakäytäntö lisätietoja varten.
Hylkää