CERT-In Warns of 'GhostPairing' WhatsApp Scam: Hackers Seize Accounts Without OTP

• CERT-In issued a high-risk alert for 'GhostPairing', a critical WhatsApp vulnerability allowing full account takeover.
• The scam exploits WhatsApp's device-linking feature, granting hackers access to chats, media, and messages without OTP or SIM swap.
• Attackers use social engineering via compromised contacts, luring users to fake verification pages.
• Methods include tricking users into entering an 8-digit pairing code or scanning a malicious QR code.
• The 'ghostly' attack avoids new login alerts; users must audit linked devices, enable 2SV, and avoid external pairing.

Why It Matters: Beware 'GhostPairing' WhatsApp scam; audit linked devices, enable 2SV, and never pair externally.