WhatsApp Users Worldwide Targeted in Escalating ‘HackOnChat’ Account Hacking Campaign
Table of Contents
A rapidly expanding WhatsApp account-hacking campaign is impacting users globally, leveraging deceptive authentication portals and impersonation tactics. Security firm CTM360 has identified the operation,internally dubbed “HackOnChat,” as a meaningful threat exploiting the platform’s web interface through elegant social engineering techniques.
CTM360 investigators have uncovered thousands of malicious urls hosted on low-cost domains and rapidly deployed using modern website-building platforms. This allows attackers to quickly create and disseminate new phishing pages, evading detection. Activity logs indicate hundreds of incidents in recent weeks, with a particularly noticeable increase in targeting across the Middle East and Asia.A extensive report detailing the campaign’s methods and scope is available here.
Did you know? – The “HackOnChat” campaign uses social engineering,tricking users into giving up account access. Attackers create fake websites and messages that look legitimate to steal information.
Two Primary Tactics Drive the Attacks
the “hackonchat” campaign relies on two core hacking techniques: session hijacking and account takeover. According to a company release, session hijacking involves exploiting WhatsApp’s linked-device functionality to commandeer active WhatsApp Web sessions. Account takeover, conversely, focuses on tricking victims into revealing their authentication keys, granting attackers complete control over their accounts.
Attackers distribute malicious links disguised as fake security alerts, convincing replicas of the WhatsApp Web portal, and even spoofed group-invite messages.These sites are designed for broad international reach, offering multilingual support and a country-code selector to tailor the interface to users in different regions.
Pro tip: – Always verify the sender before clicking links or sharing information. WhatsApp will never ask for your account verification code. Enable two-factor authentication for added security.
From Account Access to Widespread Exploitation
Once attackers gain access to a WhatsApp account,they immediately begin exploiting it. A common tactic involves targeting the victim’s contacts with requests for money or sensitive information,often posing as a trusted source. beyond immediate financial gain, attackers also sift through messages, media, and documents to steal personal, financial, and private data for fraud, impersonation, or extortion.
The threat doesn’t stop with the initial victim. Compromised accounts are frequently used to send phishing messages to the victim’s contacts, creating a cascading effect that rapidly expands the reach of the scam.
Reader question: – Have you or someone you know been targeted by a WhatsApp scam? What steps did you take to protect your account and data? Share your experiences in the comments.
“HackOnChat” underscores the continued effectiveness of social engineering as an attack vector, particularly when attackers exploit familiar interfaces and the inherent trust users place in them. One analyst noted that the camp
