1 min read.Updated: 25 Aug 2021, 12:24 PM ISTLivemint
A malware called Triada Trojan was found in a mod called FMWhatsApp and its advertising software development kit. It runs unsolicited ads on the user's devices, some of which run in the background without the user’s knowledge
NEW DELHI: Cybersecurity firm Kaspersky has found a popular WhatsApp mod which spreads malware on users’ devices. Mods are user created versions of an app, which aren’t officially authorised by the company but offer features that the original version of the app doesn’t. Companies usually try to deter users from downloading such apps precisely because they may involve downloading malware.
According to Kaspersky, the company found a malware called Triada Trojan in a mod called FMWhatsApp and its advertising software development kit (SDK). The company said it runs unsolicited ads on the user’s device, some of which also run in the background without the user’s knowledge. It also collects key information from the user’s device that can be used to compromise their data.
“It’s worth highlighting that FMWhatsapp users grant the app permission to read their SMS messages, which means that the Trojan and all the further malicious modules it loads also gain access to them. This allows attackers to automatically sign the victim up for premium subscriptions, even if a confirmation code is required to complete the process," the company said in a blog post.
“With this app, it is hard for users to recognize the potential threat because the mod application actually does what is proposed – it adds additional features. However, we have observed how cybercriminals have started to spread malicious files through the adblocks in such apps," said Igor Golovin, security expert at Kaspersky. “That is why we recommend you only use messenger software downloaded from official app stores. They may lack some additional functions, but they will not install a bunch of malware on your smartphone," he added.