Cyber security researchers warn that hackers are hijacking WhatsApp accounts by exploiting trust rather than breaking encryption, raising serious global security concerns.
The attack, called GhostPairing, abuses legitimate WhatsApp features to secretly link accounts to hacker-controlled devices.
Victims receive messages appearing to come from trusted contacts, increasing credibility and urgency within close personal networks.
The message includes a link that claims to show a photo but redirects users to a fake Facebook login page.
Users are prompted to enter their phone number, believing they are accessing a familiar and safe service.
Instead of showing content, the page activates WhatsApp’s device pairing feature using a visible pairing code.
Victims are instructed to enter the code inside WhatsApp, unknowingly authorising an unknown linked device.
This grants hackers real-time access to messages, photos, videos, and voice notes without needing any password.
Once inside, attackers message the victim’s contacts, spreading the scam quickly in a dangerous snowball effect.
The scam was uncovered by cyber security firm Avast, highlighting a shift towards exploiting human trust.
Avast expert Luis Corrons said criminals now focus on persuading users to approve access themselves.
He warned this threat goes beyond WhatsApp, affecting any platform using quick and low-visibility device pairing.
Researchers fear many users may already be compromised without noticing suspicious activity.
WhatsApp users can check linked devices by opening Settings and selecting the Linked Devices option.
Any unfamiliar devices should be removed immediately to prevent further access and limit damage.