CTM360 has identified a rapidly expanding WhatsApp account-hacking campaign targeting users worldwide via a network of deceptive authentication portals and impersonation pages. The campaign, internally dubbed HackOnChat, abuses WhatsApp’s familiar web interface, using social engineering tactics to trick users into compromising their accounts.
Investigators identified thousands of malicious URLs being hosted on inexpensive top-level domains and rapidly generated through modern website-building platforms, allowing attackers to deploy new pages at scale. The campaign’s activity logs show hundreds of incidents in recent weeks, with a noticeable surge across the Middle East and Asia.
Read the full report here: https://www.ctm360.com/reports/hackonchat-unmasking-the-whatsapp-hacking-scam
The hacking operations and the exploitation techniques
Two techniques dominate these hacking operations. The Session Hijacking, where threat actors misuse the linked-device functionality to hijack active WhatsApp Web sessions, and Account Takeover, which involves deceiving victims into surrendering authentication keys, granting attackers full control of their accounts. Attackers push these links using templates of fake security alerts, WhatsApp Web lookalike portals, and spoofed group-invite messages. These sites are further optimized for global reach, featuring multilingual support and a country-code selector that adapts the interface for users across multiple regions.
Once scammers gain control of a WhatsApp account, they exploit it to target the victim’s contacts, often requesting money or sensitive information under the guise of a trusted source. They may also sift through messages, media, and documents to steal personal, financial, or private data, which can be used for fraud, impersonation, or extortion. Frequently, these attacks extend further as the compromised account is used to send phishing messages to the victim’s contacts, creating a chain of attacks that spreads the scam.
HackOnChat demonstrates that social engineering remains one of the most scalable attack vectors today, especially when attackers exploit trusted and familiar interfaces and the human trust built around them.
Read the full report here and explore all of CTM360’s latest insights and threat intelligence.
Learn more at www.ctm360.com
Disclaimer
We strive to uphold the highest ethical standards in all of our reporting and coverage. We blogs.grocliq.com want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.
Website Upgradation is going on for any glitch kindly connect at [email protected]
