The encryption held; the victim approved a linked-device pairing and handed the attacker an authorised endpoint that reads everything in plaintext, which is account takeover at the identity layer and has nothing to do with breaking WhatsApp. Singapore agencies and political office holders run official-adjacent traffic over the same consumer apps, so the only lever available when this lands here is the blunt one Australia used, removing the app off devices for days, which is the move you make when no governed channel was ever stood up to do the same job. A government-managed device barely helps because the same account stays live on a personal phone that no MDM reaches, so the hardened endpoint inherits the compromise of the one you cannot see.
The encryption held; the victim approved a linked-device pairing and handed the attacker an authorised endpoint that reads everything in plaintext, which is account takeover at the identity layer and has nothing to do with breaking WhatsApp. Singapore agencies and political office holders run official-adjacent traffic over the same consumer apps, so the only lever available when this lands here is the blunt one Australia used, removing the app off devices for days, which is the move you make when no governed channel was ever stood up to do the same job. A government-managed device barely helps because the same account stays live on a personal phone that no MDM reaches, so the hardened endpoint inherits the compromise of the one you cannot see.