Common tactics include impersonating trusted contacts or support services, sending phishing links or QR codes, and covertly joining group chats to monitor conversations. In some cases, hackers add victims’ accounts to their own devices, enabling access to private messages without detection.
Cybersecurity agencies across Europe and the United States have reported that thousands of accounts may already have been compromised in what appears to be a coordinated global campaign.
Authorities emphasise that the attacks exploit human vulnerability rather than technical flaws in the apps’ encryption systems. Users have been urged to enable multi-factor authentication, verify linked devices, and avoid sharing sensitive information over messaging platforms to mitigate risks.
