Application YoWhatsApp, unofficial version What’s up? For Android, it was used by criminals to steal accounts. According to information from security company Kaspersky, version 18.104.22.168 brings A malicious file that allows attackers to obtain messenger access keys.
It is promoted in advertisements on popular apps like YoWhatsApp, Snaptube, and Vidmat. To attract new users, the app offers unique features like a personalized interface.
How does YoWhatsApp steal WhatsApp accounts?
According to Kaspersky, YoWhatsApp is one of the few apps with modified WhatsApp builds containing the malicious Triada file.. Once installed, the stealth threat sends account access keys to a remote server from the developer.
Like the official WhatsApp, the modified app also asks for certain permissions like SMS access. This way, Triada gets all the account information.
This data can be used in open source software to perform various actions. For example, HEAttackers can control accounts, access secret messages with other people, and impersonate the real user.
Finally, Kaspersky notes that the malicious file may enable other permissions and unwittingly enroll victims into so-called premium subscriptions. Something that can generate revenue for cybercriminals.
How to protect WhatsApp account?
Generally, unofficial WhatsApp apps are distributed in APK format outside of the Google Play Store. This app is not recommended as it exposes the device to malicious files like Triada.
For more, Experts advise users to be suspicious of messages from people promoting software or posting unusual links.. If possible, contact the person to see if they actually sent the messages.
Source: Tec Mundo