A WhatsApp mod called YoWhatsApp has been found to host harmful viruses. This mod has been advertised on platforms like Vidmate and SnapTube to make it look like a legitimate app.
YoWhatsApp works like the original WhatsApp, but its core code is modified to offer more attractive features such as faster speed, the ability to transfer files up to 700MB, user interface customization, and privacy options such as hiding blue ticks.
What are the dangers?
- YoWhatsApp is laced with malware that can steal photos, messages, credentials, passwords and financial details.
- The app can forcefully gain access to the main WhatsApp account and gain control over it.
According to Kaspersky
More than 3,600 users have been targeted in this new attack in the last two months. “It downloads the Triada Trojan to smartphones, which shows ads, secretly subscribes the user to paid content and steals WhatsApp accounts,” the researchers at Kaspersky said.
The cybersecurity company identified reasons such as extra features as motivation for downloading infected apps.
Moreso, the unavailability of YoWhatsApp on Google Play and verified stores makes it easy for attackers to have a field day.
This is not the first time
Another report recently revealed that GB WhatsApp was used to spy on Indian users as time and time again, users fail to stick to the official app on the Google play store.
FMWhatsApp was also discovered to be using an infected advertising module that downloads Trojans to smartphones.
Why is YoWhatsApp still being used?
“Advertising in legitimate applications is a very cunning way for criminals to spread malicious applications, as many users believe that, if the application they are using is safe, then any advertising on it does not carry any risks either.
“However, as we can see, this is not always the case, so we recommend that users download applications only from official app stores,” Anton Kivva, a security researcher at Kaspersky said.