1. If the client application is hashing ciphertext, its hash will not match any known offending hashes, even if the plaintext is a known file.

I don't understand why someone would go through the trouble of using WhatApp to pass around separately-encrypted files instead of using anything else, though.

2. It's also "technically possible" to do the scanning server-side, on the encrypted stream, and flag anything that by chance matches a known hash.