WhatsApp is undoubtedly the most popular instant messaging apps worldwide, with an estimated two billion monthly active users, according to Statista. Therefore, such immense popularity of an app becomes an easy target for hackers to woo users and promote a modded version of the app to get access to the messages, send spam texts, and ultimately steal your money.
The Independent reports that an unofficial WhatsApp called Yo WhatsApp has been stealing access keys. It reports that the app was earlier promoted through ads in other Android apps like Snaptube which lets users download YouTube videos.
The alleged app was discovered by Kaspersky, who alleged that the app reportedly sent users’ WhatsApp access key to a remote server.
Attackers might be able to see discussions and take information that they could use for phishing or other hacks as a result. Additionally, the attackers might “install paid subscriptions without the user’s knowledge” using this access.
Through the Vidmate app, a similar-looking clone of that app with the name “WhatsApp Plus” spread as well. Additionally, users of Vidmate can download videos from TikTok, Facebook, Instagram, and YouTube.
“Cybercriminals are increasingly disseminating harmful programmes utilising the strength of trusted software. This means that consumers may still become victims of them even if they use well-known apps and official installation sources, according to the Kaspersky experts.
“In particular, spyware like Triada can take an IM account and utilise it, for instance, to send malicious spam and other unwelcome messages. Money belonging to the user is also at stake because the infection can set up paid subscriptions for the victim with ease.
