Published: December 22, 2025 10:16 AM IST 
India’s cyber security agency CERT-In has warned WhatsApp users about a serious security risk that could allow hackers to fully take over their accounts. In an advisory accessed by news agency PTI, CERT-In said attackers are misusing WhatsApp’s “device-linking” feature. This feature, which allows WhatsApp to be used on multiple devices, can be exploited to secretly connect a hacker’s device to a user’s account.
The security flaw is known as GhostPairing and can put users’ private messages, photos, and videos at risk, especially on WhatsApp Web.
CERT-In said cyber criminals are using pairing codes to hijack WhatsApp accounts without proper checks. In some cases, attackers do not even need a password or a SIM card swap to gain access. “This new cyber attack method allows hackers to take full control of WhatsApp accounts,” the advisory warned.
For those who may not know, CERT-In works under the Ministry of Electronics and Information Technology. Its role is to protect India’s digital space and respond to cyber threats that affect users and online systems across the country.
GhostPairing is a new hacking method that allows criminals to take full control of a WhatsApp account without needing a password or access to the user’s SIM card. This attack takes advantage of WhatsApp’s device-linking feature. Hackers use pairing codes that appear genuine but do not go through proper security checks. This allows them to quietly link their own device to the victim’s WhatsApp account.
Once the account is taken over, attackers can read messages and send texts to the victim’s contacts, often pretending to be the real user.
In simple terms, CERT-In explained that GhostPairing fools users into unknowingly approving a hacker’s web browser as a trusted device. This extra device stays hidden, giving the attacker ongoing access to the WhatsApp account without the user realizing it.
According to CERT-In, the attack usually starts with a message that looks harmless. A user may receive a text like “Hi, check this photo” from a contact they know and trust. The message contains a link that shows a preview similar to Facebook. When the user clicks on it, the link opens a fake Facebook page that asks them to “verify” their identity to see the photo or content.
At this point, attackers misuse WhatsApp’s device-linking option. The victim is tricked into entering their phone number, thinking it is part of the verification process.
By following these simple steps, the user unknowingly allows the attacker to link a new device to their WhatsApp account. This gives the hacker full access to the account—without stealing a password or doing a SIM swap, CERT-In said.
Once a hacker’s device is linked, they get access similar to WhatsApp Web. This means they can:
Because the extra device stays hidden, many users may not realise their account has been compromised.
For breaking news and live news updates, like us on Facebook or follow us on Twitter and Instagram. Read more on Latest India News on India.com.
Follow Us 
By 
