CTM360 Exposes a Global WhatsApp Hijacking Campaign: HackOnChat

Posted on By CWS

Nov 20, 2025The Hacker NewsOnline Fraud / Internet Safety
CTM360 has recognized a quickly increasing WhatsApp account-hacking marketing campaign focusing on customers worldwide by way of a community of misleading authentication portals and impersonation pages. The marketing campaign, internally dubbed HackOnChat, abuses WhatsApp’s acquainted internet interface, utilizing social engineering ways to trick customers into compromising their accounts.
Investigators recognized 1000’s of malicious URLs being hosted on cheap top-level domains and quickly generated by means of trendy website-building platforms, permitting attackers to deploy new pages at scale. The marketing campaign’s exercise logs present a whole bunch of incidents in latest weeks, with a noticeable surge throughout the Center East and Asia.
Learn the total report right here:
The hacking operations and the exploitation strategies
Two strategies dominate these hacking operations. The Session Hijacking, the place menace actors misuse the linked-device performance to hijack energetic WhatsApp Internet periods, and Account Takeover, which includes deceiving victims into surrendering authentication keys, granting attackers full management of their accounts. Attackers push these hyperlinks utilizing templates of faux safety alerts, WhatsApp Internet lookalike portals, and spoofed group-invite messages. These websites are additional optimized for international attain, that includes multilingual help and a country-code selector that adapts the interface for customers throughout a number of areas.
As soon as scammers achieve management of a WhatsApp account, they exploit it to focus on the sufferer’s contacts, typically requesting cash or delicate info underneath the guise of a trusted supply. They could additionally sift by means of messages, media, and paperwork to steal private, monetary, or non-public information, which can be utilized for fraud, impersonation, or extortion. Regularly, these assaults lengthen additional because the compromised account is used to ship phishing messages to the sufferer’s contacts, creating a series of assaults that spreads the rip-off.
HackOnChat demonstrates that social engineering stays some of the scalable assault vectors at present, particularly when attackers exploit trusted and acquainted interfaces and the human belief constructed round them.
Learn the total report right here and discover all of CTM360’s newest insights and menace intelligence.
Study extra at www.ctm360.com

Discovered this text attention-grabbing? This text is a contributed piece from one in all our valued companions. Comply with us on Google Information, Twitter and LinkedIn to learn extra unique content material we submit.

The Hacker News Tags:, , , , , ,

Related Posts

LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets The Hacker News
Massive 7.3 Tbps DDoS Attack Delivers 37.4 TB in 45 Seconds, Targeting Hosting Provider The Hacker News
Google Adds Layered Defenses to Chrome to Block Indirect Prompt Injection Threats The Hacker News
XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities The Hacker News
SideWinder Adopts New ClickOnce-Based Attack Chain Targeting South Asian Diplomats The Hacker News
Iran-Linked MuddyWater Targets 100+ Organisations in Global Espionage Campaign The Hacker News