WhatsApp accounts targeted in ‘GhostPairing’ attack
Guardado en:
| Publicado en: | Computerworld.com (Dec 18, 2025) |
|---|---|
| Publicado: |
Foundry
|
| Materias: | |
| Acceso en línea: | Citation/Abstract Full Text |
| Etiquetas: |
Sin Etiquetas, Sea el primero en etiquetar este registro!
|
| Resumen: | A warning for WhatsApp users: cybercriminals have discovered an alarmingly simple way to access a user’s conversations in real time by manipulating the app’s device pairing or linking routine. Another draw is that the app is built on end-to-end encryption (E2EE) privacy in which the private keys used to secure messages are stored on the device itself. The threat to enterprises is that large numbers of employees use WhatsApp as well as communicating in larger employee discussion groups. The recommendation is to assume that multiple groups do exist and educate users to report suspicious phishing or spam from unknown numbers. WhatsApp messaging might look private, but the app itself has gaps that attackers can exploit. GhostPairing comes only weeks after university researchers uncovered a major WhatsApp flaw that allowed them to discover the mobile numbers of the app’s 3.5 billion global user base. [...]it’s not only WhatsApp; researchers recently uncovered a hack affecting the company that created a modified version of Signal for use by senior US politicians. |
|---|---|
| Fuente: | Advanced Technologies & Aerospace Database |