By Manisha Sahu
America News World
December 25,2025
India’s top cybersecurity agency has issued a high-severity alert warning WhatsApp users about a new and sophisticated cyberattack technique known as “GhostPairing”, which allows hackers to take complete control of accounts without needing passwords, one-time passwords (OTPs), or even SIM card swaps. The advisory, released by the Indian Computer Emergency Response Team (CERT-In), highlights growing risks for millions of users who rely on WhatsApp for personal, professional, and business communication.
Meta has been rapidly expanding the payment features available on WhatsApp. (Image: Zohaib Ahmed/The Indian Express)
According to CERT-In, the GhostPairing attack is part of an active threat campaign targeting WhatsApp users across the country. The technique exploits WhatsApp’s device-linking feature, enabling attackers to silently add their own device as a trusted companion device once a user is deceived into entering a pairing code. Once linked, cybercriminals gain unrestricted access to messages, media, and contacts in real time.
What Is GhostPairing?
GhostPairing is a social-engineering-based attack that takes advantage of WhatsApp’s multi-device functionality. WhatsApp allows users to access their chats on laptops, tablets, or browsers by linking these devices to their primary smartphone account. There is currently no strict limit on how many devices can be linked to a single account.
CERT-In explains that attackers manipulate this process by tricking victims into entering a legitimate-looking pairing code. “In a nutshell, the GhostPairing attack tricks users into granting an attacker’s browser access as an additional trusted and hidden device,” the advisory states.
What makes GhostPairing particularly dangerous is that it bypasses traditional security red flags. There is no SIM swap, no password compromise, and often no immediate sign that the account has been hijacked.
How the Attack Works
CERT-In outlined a step-by-step method used by cybercriminals to execute the GhostPairing attack:
Victims receive a message from what appears to be a trusted contact, often reading something like, “Hi, check this photo.”
The message includes a malicious link with a preview resembling a Facebook post or image viewer.
Clicking the link redirects the victim to a fake webpage that prompts them to “verify” their identity to view the content.
The page asks for the victim’s phone number and then displays a pairing code.
Unknowingly, the victim enters this code, which links the attacker’s device to their WhatsApp account.
By following these seemingly harmless steps, users end up granting hackers full access to their WhatsApp accounts. Once the attacker’s device is paired, they can read past messages, monitor conversations in real time, download photos and videos, listen to voice notes, and even impersonate the victim by messaging their contacts and groups.
Why CERT-In Is Concerned
CERT-In assigned a ‘High’ severity rating to this threat, emphasizing its potential for large-scale misuse. WhatsApp accounts are often deeply integrated into users’ personal lives, workplaces, and financial activities. Hijacked accounts can be used to spread scams, steal sensitive information, extort money, or conduct social engineering attacks against friends, family, and colleagues.
The advisory comes at a time when India is witnessing a surge in digital fraud and messaging app-based scams. In October, the Indian Cybercrime Coordination Centre (I4C) under the Ministry of Home Affairs flagged a transnational crime pattern where scammers use ads on Facebook and Instagram to lure victims into linking their WhatsApp accounts to malicious platforms.
Link to SIM-Binding Directive
The GhostPairing warning also follows a major policy move by the Department of Telecommunications (DoT). Last month, the DoT directed messaging platforms such as WhatsApp, Signal, and Telegram to implement continuous SIM binding for user accounts over the coming months.
Under this directive, users will only be able to access messaging apps on devices that contain the active SIM linked to their account. Companion devices like WhatsApp Web will be logged out every six hours, requiring users to re-link them using QR codes.
The government believes this measure will reduce account hijacking and fraud. However, the directive has sparked criticism from digital rights advocates and legal experts, who argue that continuous SIM binding could compromise user privacy and make it difficult for professionals who rely on multiple devices.
Cybersecurity experts have also warned that SIM binding may face technical challenges and may not fully eliminate threats like GhostPairing, which rely more on user deception than technical loopholes.
Impact on Users and Organisations
Once attackers gain access through GhostPairing, the consequences can be severe. Hackers can pose as victims to request money, spread malware links, or collect sensitive personal and business information. In organisational settings, compromised WhatsApp accounts can expose confidential communications and damage reputations.
Businesses that use WhatsApp for customer communication are especially vulnerable. A single hijacked account can lead to data breaches, phishing campaigns, and loss of customer trust.
CERT-In’s Safety Recommendations
To mitigate the risks posed by GhostPairing and similar attacks, CERT-In has issued a set of clear guidelines for both individual users and organisations.
For individual users:
Avoid clicking on suspicious links, even if they come from known contacts.
Never enter your phone number or verification codes on external websites claiming to be WhatsApp or Facebook.
Regularly check the “Linked Devices” section in WhatsApp by going to Settings > Linked Devices.
Immediately log out of any device you do not recognise.
For organisations using WhatsApp:
Conduct regular security awareness training focused on messaging app threats.
Implement mobile device management (MDM) systems where applicable.
Monitor for phishing attempts and social engineering indicators.
Establish rapid response protocols to detect and address account compromises.
A Growing Cyber Threat Landscape
The GhostPairing campaign highlights a broader shift in cybercrime tactics, where attackers increasingly rely on psychological manipulation rather than technical exploits. By exploiting trust between contacts and familiar user interfaces, cybercriminals can bypass even the most cautious users.
As messaging platforms continue to expand features such as payments, cloud syncing, and multi-device access, the attack surface also grows. Security experts stress that user awareness remains the strongest line of defense.
What Lies Ahead
CERT-In’s advisory serves as a timely reminder that convenience often comes with security trade-offs. While WhatsApp’s multi-device functionality offers flexibility, it also creates new opportunities for abuse if users are not vigilant.
With regulators, tech companies, and users all grappling with rising cyber threats, experts say a combination of stronger platform safeguards, clearer policies, and informed user behavior is essential.
For now, CERT-In urges WhatsApp users across India to stay alert, regularly review linked devices, and think twice before clicking on unsolicited links — even during routine conversations. In the evolving digital battlefield, awareness may be the most powerful security tool of all.
Discover more from AMERICA NEWS WORLD
Subscribe to get the latest posts sent to your email.
**, we dive into why your electric bill is climbing and what can be done. ### Why Are Electricity Prices Rising? Electricity costs are soaring across the United States. According to the U.S. Energy Information Administration (EIA), household electricity prices are expected to jump 13% from 2022 to 2025. In some states, the increase is even steeper. For instance, Maine saw a 36.3% spike, while Connecticut faced an 18.4% rise between May 2024 and May 2025. Nationwide, the average household paid 17.47 cents per kilowatt-hour in May 2025, up from 16.41 cents a year earlier—a 6.5% increase. So, what’s driving these hikes? First, there’s a massive surge in electricity demand. More people are using air conditioners during hotter summers. Electric vehicles and heat pumps are also becoming popular. However, the biggest culprit is the rapid growth of AI-powered data centers. These facilities, run by tech giants like Amazon, Google, and Microsoft, use as much electricity as small cities. A single AI search, like one on ChatGPT, consumes 10 times more power than a regular Google search. Additionally, natural gas prices, a key fuel for power plants, have climbed. The aging US power grid also struggles to keep up. Many transmission lines and power plants date back to the post-World War II era. As a result, utilities are spending billions to upgrade infrastructure, and those costs are passed on to consumers. > **Data Highlight: Electricity Price Trends (2022-2025)** > Source: U.S. Energy Information Administration > - **2022**: 14.96 cents per kWh > - **2023**: 15.87 cents per kWh > - **2024**: 16.41 cents per kWh > - **2025 (May)**: 17.47 cents per kWh > *Note*: Some states like Maine (+36.3%) and Connecticut (+18.4%) saw sharper increases. ```chartjs { "type": "line", "data": { "labels": ["2022", "2023", "2024", "2025 (May)"], "datasets": [{ "label": "Average US Electricity Price (cents per kWh)", "data": [14.96, 15.87, 16.41, 17.47], "borderColor": "#007bff", "backgroundColor": "rgba(0, 123, 255, 0.2)", "fill": true }] }, "options": { "responsive": true, "maintainAspectRatio": false, "scales": { "y": { "beginAtZero": false, "title": { "display": true, "text": "Price (cents per kWh)" } }, "x": { "title": { "display": true, "text": "Year" } } } } } ``` ### The AI Power Problem The AI boom is transforming how we live, work, and search online. But it comes at a cost. Data centers that power AI tools are sprouting up fast. Between 2021 and 2024, the number of US data centers doubled. By 2030, they could consume 5% to 9% of the nation’s electricity, according to the Electric Power Research Institute. This is a big jump from just 4% in 2022. For example, PJM Interconnection, which serves 67 million people across 13 states, reported a massive spike in demand. In 2024, its capacity auction prices jumped 833%, with data centers driving nearly 70% of the increase. This led to higher bills for households in states like Pennsylvania, New Jersey, and Ohio. In Columbus, Ohio, typical electric bills rose by $27 a month in 2025. Moreover, AI tasks are energy hogs. Generating a single high-definition AI image uses as much power as charging a smartphone halfway. As more people use AI for work or fun, the strain on the grid grows. Tech companies are racing to build bigger data centers, but the power supply isn’t keeping up. This mismatch is pushing prices higher. > **Image**: An Amazon Web Services data center in Boardman, Oregon, August 2024. (Source: Jenny Kane/AP) > *Caption*: Data centers like this one are driving up electricity demand across the US. ### Other Factors Behind the Price Surge While AI is a major player, it’s not the only reason for rising bills. Natural gas prices have spiked, making it more expensive to generate electricity. Also, the US power grid is old and needs upgrades. The Department of Energy says 70% of transmission lines are nearing the end of their lifespan. Replacing them costs billions, and consumers foot the bill. Extreme weather is another issue. Heat waves and storms are more frequent, forcing utilities to repair or harden the grid. In California, utilities spent $27 billion from 2019 to 2023 on wildfire prevention and insurance. These costs trickle down to customers. Meanwhile, some states are phasing out coal plants, but new renewable energy projects face delays due to permitting issues. For more insights on how energy costs affect households, check out **[AMERICA NEWS WORLD (ANW)](https://america112.com/)** for the latest updates. ### Solutions to Ease the Burden Thankfully, there are ways to tackle rising electricity costs. First, experts suggest speeding up the permitting process for new power plants, especially solar and wind. The International Energy Agency (IEA) predicts that solar and wind could add 110 terawatt-hours of power for data centers by 2030. Streamlining permits could bring these projects online faster. Next, tech companies are stepping up. Google recently signed deals to reduce AI data center power use during peak grid times. Amazon is investing in small modular nuclear reactors to power its operations cleanly. These efforts could lower costs and emissions in the long run. Additionally, hardening the grid can help. In Florida, utilities are using concrete poles and advanced tech to make power lines hurricane-proof. In California, moving lines underground reduces wildfire risks. These upgrades cost money upfront but save on repairs later. Finally, power purchase agreements (PPAs) let data centers buy renewable energy directly. This reduces reliance on fossil fuels and keeps costs down for consumers. Co-locating data centers with solar or wind farms is another smart move. For more on clean energy solutions, visit **[AMERICA NEWS WORLD (ANW)](https://america112.com/)**. > **Data Highlight: Projected Data Center Power Demand** > Source: Electric Power Research Institute > - **2022**: 4% of US electricity consumption > - **2030 (Projected)**: 5% to 9% of US electricity consumption > - **Growth**: Data center energy use could double by 2030. ```chartjs { "type": "bar", "data": { "labels": ["2022", "2030 (Projected)"], "datasets": [{ "label": "Data Center Electricity Consumption (% of US Total)", "data": [4, 7], "backgroundColor": ["#28a745", "#dc3545"], "borderColor": ["#28a745", "#dc3545"], "borderWidth": 1 }] }, "options": { "responsive": true, "maintainAspectRatio": false, "scales": { "y": { "beginAtZero": true, "title": { "display": true, "text": "% of US Electricity" } }, "x": { "title": { "display": true, "text": "Year" } } } } } ``` ### What’s Next for Consumers? Electricity prices may keep rising if demand outpaces supply. The White House warns that AI data centers could push prices up 9-58% by 2030 without new investments. The US needs $1.4 trillion by 2030 to meet growing power needs, according to the White House Council of Economic Advisors. This includes building new power plants and transmission lines. However, not all hope is lost. Renewable energy is getting cheaper. Solar and wind projects are expanding, and nuclear power is making a comeback. For example, Microsoft is reviving Pennsylvania’s Three Mile Island nuclear plant to power its AI tools. These efforts could stabilize prices over time. Consumers can also take action. Using energy-efficient appliances, sealing home leaks, and switching to LED lights can lower bills. ### Global Impact and Local Action The AI-driven power surge isn’t just a US problem—it’s global. Data centers worldwide could consume 3-4% of global power by 2030, up from 1-2% today, according to Goldman Sachs. In Europe, countries like Ireland and Germany are seeing similar price hikes. In Asia, Malaysia’s data centers could account for one-fifth of power demand growth. Locally, communities near data centers face challenges. Noise, water use, and power outages are common complaints. Some states, like Pennsylvania, are pushing back. Governor Josh Shapiro has threatened to pull the state from PJM if costs don’t drop. For more on local energy issues, ### Looking Ahead The AI revolution is exciting, but it’s putting pressure on power grids and wallets. While tech companies and utilities work on solutions, consumers are stuck with higher bills. By investing in clean energy, upgrading grids, and managing demand, the US can balance innovation with affordability. Stay informed with **[AMERICA NEWS WORLD (ANW)](https://america112.com/)** for the latest energy news. For a deeper dive into how AI is reshaping the energy landscape, check out this [CBS News article](https://www.cbsnews.com/news/ai-data-centers-electricity-demand-power-grid-us/) on the growing strain on US power grids.](https://america112.com/wp-content/uploads/2025/08/1198006_3_0818-NPRICES-lines-lede.jpg_standard-1.jpg)
Leave a Reply