Relevance for UPSC: GS Paper III (Cyber Security, Digital Safety)
Source: The Hindu; Deccan Herald
Core Concept
GhostPairing is a social-engineering cyberattack in which an attacker covertly links their own device to a victim’s WhatsApp account by misusing the platform’s legitimate device-linking feature. The victim’s password, one-time password, or SIM card is not compromised.
How the Attack Works
- A message, appearing to be from a trusted contact, contains a malicious link.
- The link opens a fake content page asking for verification.
- When the victim enters the pairing code, the attacker’s device gets authorised access.
- The attacker can read and send messages without alerting the victim, unless linked devices are checked.
Why It Matters
- Shows the growing shift from technical hacking to behavioural manipulation.
- Exposes risks in digital platform features when users lack awareness.
- Important for debates on cyber fraud, platform accountability, and data protection.
| UPSC Value Box Key Term: Social engineering – exploiting human trust rather than software flaws to commit cybercrime. Institution / Framework: Indian Computer Emergency Response Team (CERT-In) – nodal agency for cyber security incidents and advisories. |
Q. GhostPairing mainly exploits which of the following?
(a) Weak encryption algorithms
(b) SIM card cloning
(c) Device-linking feature through social engineering
(d) Network-level malware
Share This Story, Choose Your Platform!
Start Yours at Ajmal IAS – with Mentorship StrategyDisciplineClarityResults that Drives Success
Your dream deserves this moment — begin it here.