Fake WhatsApp apps spotted stealing users’ data: Here’s what you should do | Mint
Active Stocks
Tue Sep 17 2024 15:59:16
  1. Tata Motors share price
  2. 975.00 -1.33%
  1. Tata Steel share price
  2. 152.80 -0.91%
  1. Power Grid Corporation Of India share price
  2. 336.65 -0.50%
  1. NTPC share price
  2. 416.25 1.27%
  1. ITC share price
  2. 507.45 -0.91%
Business News/ Technology / App News/  Fake WhatsApp apps spotted stealing users’ data: Here’s what you should do
BackBack

Fake WhatsApp apps spotted stealing users’ data: Here’s what you should do

YoWhatsApp version 2.22.11.75 has been identified carrying a malicious module dubbed as Trojan.AndroidOS.Triada.eq. The module decrypts and launches the malware on users’ devices.

Kaspersky discovers WhatsApp knock-offs marred with malware that compromises users’ data and privacyPremium
Kaspersky discovers WhatsApp knock-offs marred with malware that compromises users’ data and privacy

Cybersecurity expert Kaspersky has discovered WhatsApp knock-offs marred with malware that compromises users’ data and privacy. YoWhatsApp version 2.22.11.75 has been identified carrying a malicious module dubbed as Trojan.AndroidOS.Triada.eq. The module decrypts and launches the malware on users’ devices. The malicious module was found stealing various keys required for legitimate WhatsApp to work. For those unaware, keys of interest to the cybercriminals are typically used in open-source utilities that allow the use of a WhatsApp account without the app. If the keys are stolen, a user of a malicious WhatsApp mod can lose control over their account.

Another WhatsApp knockoff – YoWhatsApp is also spotted carrying the malicious mod. YoWhatsApp is a fully working messenger with some additional features, such as customizing interface or blocking access to individual chats. When installed, it asks for the same permissions as the original WhatsApp messenger, such as access to SMS. However, these same permissions are granted to the Triada Trojan and similar malware. These malwares can also add paid subscriptions without the user’s knowledge.

According to a check up done by Kaspersky, when a user clicks on WhatsApp ads in the official Snaptube app (MD5: C3B2982854814E537CD25D27E295CEFE), the user is prompted to install the malicious build.

Here’s how you can stay safe

It is advisable to install WhatsApp from official sources only – Google Play Store and App Store. In case you have downloaded one such fake app, make sure you remove it from your phone right away. Also, always check app permissions before downloading it on your smartphone.

Recently, cybersecurity research firm ESET has released its latest threat report – T2 2022 Threat Report, according to which, GB WhatsApp – a cloned, third-party unofficial version of WhatsApp is spying on user’s chats in India. This cloned app is not available on Google Play Store though and is therefore available for download through websites only. In absence of any security checks, multiple versions of the app are available that are riddled with malware.

3.6 Crore Indians visited in a single day choosing us as India's undisputed platform for General Election Results. Explore the latest updates here!

Catch all the Business News , Technology News , Breaking News Events and Latest News Updates on Live Mint. Download The Mint News App to get Daily Market Updates.
More Less
Published: 15 Oct 2022, 09:47 AM IST
Next Story footLogo
Recommended For You