• Silent attack on WhatsApp allows hacker full access to conversations
• The hacker uses fake links and social engineering techniques

Security reports have warned of a new cyberattack targeting WhatsApp users, allowing the hacker “full access to accounts” through social engineering methods, without the need to steal passwords or exploit technical vulnerabilities.

The attack is considered silent and hard to detect except by those who know the warning signs, but once identified, it can be avoided.

A technology platform said the attack, known as GhostPairing, uses social engineering and device linking in WhatsApp to enable attackers to gain complete control of accounts.

The attacks began in the Czech Republic and then spread internationally through reusable tools available in multiple languages.

The attack works as follows: the user receives a text message or notification linking to content on Facebook, such as “I found this photo for you” or “You have been tagged in this photo,” aiming to prompt them to click the link.

The link redirects the user to a fake Facebook page that requests verification to access the photo.

When the phone number is entered, a code is sent that is effectively used to link a new device to the user’s WhatsApp account, granting the attacker full access to previous conversations, incoming messages, photos, videos, and sensitive information, making the attack extremely dangerous.

Reports warned against sharing codes or entering them through untrusted links.

Users are advised to regularly review devices linked to their WhatsApp account, and if any unknown device is found, to log it out immediately.

The device can be re-linked later if it was removed by mistake.

WhatsApp emphasized the importance of enabling two-step verification, linking the account only to official services, and not sharing information with unknown persons, confirming that the three key steps to stay safe are: Stop – Question – Verify.

These alerts come after previous warnings from the U.S. National Security Agency regarding the exploitation of device linking to hack high-profile accounts, with an expected increase in the number of victims.