Cybersecurity expert Kaspersky has discovered WhatsApp knock-offs marred with malware that compromises users’ data and privacy. YoWhatsApp version 2.22.11.75 has been identified carrying a malicious module dubbed as Trojan.AndroidOS.Triada.eq. The module decrypts and launches the malware on users’ devices. The malicious module was found stealing various keys required for legitimate WhatsApp to work. For those unaware, keys of interest to the cybercriminals are typically used in open-source utilities that allow the use of a WhatsApp account without the app. If the keys are stolen, a user of a malicious WhatsApp mod can lose control over their account.
Another WhatsApp knockoff – YoWhatsApp is also spotted carrying the malicious mod. YoWhatsApp is a fully working messenger with some additional features, such as customizing interface or blocking access to individual chats. When installed, it asks for the same permissions as the original WhatsApp messenger, such as access to SMS. However, these same permissions are granted to the Triada Trojan and similar malware. These malwares can also add paid subscriptions without the user’s knowledge.
According to a check up done by Kaspersky, when a user clicks on WhatsApp ads in the official Snaptube app (MD5: C3B2982854814E537CD25D27E295CEFE), the user is prompted to install the malicious build.
Here’s how you can stay safe
It is advisable to install WhatsApp from official sources only – Google Play Store and App Store. In case you have downloaded one such fake app, make sure you remove it from your phone right away. Also, always check app permissions before downloading it on your smartphone.
Recently, cybersecurity research firm ESET has released its latest threat report – T2 2022 Threat Report, according to which, GB WhatsApp – a cloned, third-party unofficial version of WhatsApp is spying on user’s chats in India. This cloned app is not available on Google Play Store though and is therefore available for download through websites only. In absence of any security checks, multiple versions of the app are available that are riddled with malware.
Download The Mint News App to get Daily Market Updates & Live Business News.