Security News > 2022 > October > Modified WhatsApp App Caught Infecting Android Devices with Malware
An unofficial version of the popular WhatsApp messaging app called YoWhatsApp has been observed deploying an Android trojan known as Triada.
The goal of the malware is to steal the keys that "Allow the use of a WhatsApp account without the app," Kaspersky said in a new report.
"If the keys are stolen, a user of a malicious WhatsApp mod can lose control over their account."
YoWhatsApp offers the ability for users to lock chats, send messages to unsaved numbers, and customize the app with a variety of theming options.
Typically spread through fraudulent ads on Snaptube and Vidmate, the app, upon installation, requests the victims to grant it permissions to access SMS messages, enabling the malware to enroll them to paid subscriptions without their knowledge.
The development comes amid Meta Platforms filing a lawsuit against three developers in China and Taiwan for distributing unofficial WhatsApp apps, including HeyMods, that resulted in the compromise of over one million user accounts.
News URL
https://thehackernews.com/2022/10/modified-whatsapp-app-caught-infecting.html
Related news
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
- Vo1d malware botnet grows to 1.6 million Android TVs worldwide (source)
- BadBox malware disrupted on 500K infected Android devices (source)
- North Korea’s ScarCruft Deploys KoSpy Malware, Spying on Android Users via Fake Utility Apps (source)
- New Android malware uses Microsoft’s .NET MAUI to evade detection (source)
- APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- New Crocodilus malware steals Android users’ crypto wallet keys (source)
- Counterfeit Android devices found preloaded With Triada malware (source)
- Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices (source)