The anti-virus firm Kaspersky has warned of a malicious version of a popular WhatsApp mod that could attack mobile devices and their owners with trojan malware.
The FMWhatsApp app is an unofficial version of WhatsApp. Users can download this app from a variety of websites and it provides additional features.
Igor Golovin, a Kaspersky Security Expert, says it is difficult for users to recognize the potential threat with this app because it does what it is supposed to – add extra features. We have however observed that cybercriminals are spreading malicious files through the ad blockers of these apps.”
What malware does the WhatsApp mod contain?
In FMWhatsApp version 16.80.0, one of its ad libraries contains the Triada Trojan.
By downloading trojan malware, mobile devices and their users can collect data about themselves. As soon as it accesses the device, it downloads other Trojan malware.
It can also be programmed to issue paid subscriptions to the device’s owner and launch ads. An invisible window on the app is opened by the Trojan MobOK, which downloads the Trojan and opens a subscription page. The user will not be aware that the ‘Subscribe’ button was clicked.
By intercepting the verification SMS sent to confirm the user’s login, the malware can also log into the user’s WhatsApp account. Users become vulnerable in this situation and may have their devices misused to send spam.
According to Golovin Kaspersky, users should only download and use messenger software from official app stores to stay safe. The apps may be lacking a few features, but they won’t install malware on your handset, he explained.
MOD – Mad over data breaches?
Apple’s recent chips make it very difficult for iOS users to jailbreak or root their iPhones, which significantly decreased jailbreaking and rooting options. It is simply no longer true that the pros (in this case, customization) outweigh the cons (security risks). There has always been a difference between the Android world and other platforms.
A flourishing company is one that values openness, individuality, and customisation. Android users do not hesitate to root their phones or to install modified APKs or mods due to this. Modified Android apps are what we normally call it in simple terms.
‘.APK’ is the extension of a file that contains an Android app. Coders can edit APK files and unlock their features, then make them available for the rest of the world to download.
Using Kaspersky Can Lead To Trojan Malware Download Via Whatsapp Mod
In this way, a whole lot of people can use a paid app for free since it allows them to use the unlocked or modified version. As a part of convenience and customization, users also download mods since modified versions offer a variety of additional features.
What’s the issue?
At first glance, using mods may seem like a good idea, but there’s a huge Kaspersky security risk involved. In addition to the ads embedded in the code, many of these mods use third party advertisements. It is here where the problem starts, since third-party ad modules can contain malicious code.
Kaspersky reports that the FMWhatsapp mod was compromised in this way. In a recent version of FMWhatsApp, a trojan was installed that collected data from users, then downloaded more trojans. In addition to automatically enrolling users in paid subscriptions and hacking users’ original WhatsApp accounts, these trojans can also run invisible ads in the background.
Should you even use third party mods?
As long as you value your privacy and security, then the answer is probably no. There is a good reason why most of these types of unofficial mods cannot be found in the official app stores of Google or Apple.
In turn, this puts you and your data at risk and violates the terms and conditions of these tech companies. There are certain APKs coming from trusted sources, like the app’s original developer. When these files are installed, you will be prompted to acknowledge the risks involved. Taking precaution is the best course of action.
The security expert at Kaspersky, Igor Golovin, offers some straightforward advice. Users may not realize that the Kaspersky FMWhatsapp app is a potential threat since it actually adds additional features, not just what is proposed,” he said. However, around the same time, cybercriminals began to spread malicious files through these adblocking apps. Therefore, we recommend that you only use messengers downloaded from official app stores, as they won’t install malicious code.”
What if my device is infected?
Please describe your symptoms so that we can diagnose the problem. Your smartphone may be compromised if your battery suddenly drains, you see unexpected pop-up ads, you see extra charges, and your data consumption spikes.
Let’s hope you have backed up all your important data and are prepared to wipe your device clean.
If you have a problem with a suspicious app on your device, run an antivirus scan first. Then focus on deleting the suspicious app. Malware often messes with the admin settings on Android phones to gain illegal access to your device. Your best bet might be to perform a system reset, then a system restore.