- Kaspersky has detected a piece of malware that enhances WhatsApp, but also steals user data.
- This includes contacts, account details, IMEI number, phone numbers and country codes.
- The malware has been downloaded by as many as 340 000 people.
Meta’s WhatsApp is rather robust when it comes to features with text messaging, business chatbots and both audio and video calling. Despite this feature set, many users want more from WhatsApp and this gives ne’er-do-wells a way to take advantage of well-meaning users.
Cybersecurity firm Kaspersky has spotted a piece of spyware that parades as a WhatsApp mod and hoovers up user information. The spyware is oddly being peddled through Telegram where it has racked up as many as 340 000 downloads.
The WhatsApp mod in question includes several suspicious components including one that allows an attacker to deploy a spy module when a phone is charging or powered on. This module hoovers up data including contacts, account details, IMEI number, phone numbers and country codes. This data is sent to the attacker every five minutes and they can even record audio and lift data from external storage.
Kaspersky notes that Azerbaijan, Saudi Arabia, Yemen, Turkey, and Egypt are the top five countries with the highest attack rates. The cybersecurity firm notes that the malware can and does affect users in other countries.
“People naturally trust apps from highly followed sources, but fraudsters exploit this trust. The spread of malicious mods through popular third-party platforms highlights the importance of using official IM clients. However, if you need some extra features not presented in the original client, you should consider employing a reputable security solution before installing third-party software, as it will protect your data from being compromised. For robust personal data protection, always download apps from official app stores or official websites,” explains security expert at Kaspersky, Dmitry Kalinin.
This spyware reiterates the need for users to download apps exclusively from official digital storefronts.
This mitigates a lot of risk but we should note that there is a history of apps being hijacked and used to spread malware. For that reason, it’s a good idea to have a security solution installed on your smartphone, just in case a supply chain attack happens.