According to recent reports, the unauthorized WhatsApp programme “Yo WhatsApp” has been obtaining user account access keys. Ads for this malicious app have appeared in other Android programs, including Snaptube, which lets users download YouTube videos.
According to Kaspersky, the fake program has been discovered transferring users’ WhatsApp access credentials to the developer’s remote server. Without the user’s awareness, this might give hackers access to discussions, data theft, and paid subscription setups.
Malicious Features which are absent in the Official App
Additionally, it was found that the software included functionality not found in the official WhatsApp app, including the ability to personalize the user experience and chat room blocking for specific users. Several other features are absent in the office yet, but these fake and unofficial apps lure users through these features. Many innocent users are unaware of this phenomenon and fall prey to such apps. As a result, data breaches occur and such unofficial apps steal users’ data and put it to several malicious uses.
Another unofficial app ‘WhatsApp Plus’ along similar lines
Through the Vidmate app, another similar software named “WhatsApp Plus” was disseminated. Similar harmful traits and flaws were seen in this app as well. Before the publication of this article, The Independent contacted Vidmate for comment, but they did not answer.
Kaspersky’s investigation and actions regarding Malware Detection
According to Kaspersky, it is likely that the businesses were not aware that malware was being spread and that the distributors would soon be shut down. The security firm has been looking into malware known as the Trida in WhatsApp replicas for the past year. Trida is particularly challenging to detect since it can alter an Android OS core process and take the place of the phone’s system operations.
