FMWhatsApp, an unofficial modification of Facebook’s messenger, received malicious code in an update and went on to hide a trojan that is capable of charging improperly on the cell phone. The discovery was made by researchers at the cybersecurity company Kaspersky, and disclosed in a report published on Tuesday (24).
READ: WhatsApp: learn how to save contacts in the app
Modified version of WhatsApp received trojan in update; understand — Photo: Rubens Achilles/TechTudo
WhatsApp ghost icon on notebook; What can it be? Find out in the TechTudo Forum.
The trojan present in the modified APK is able to collect different data from the cell phone, such as cell phone model, telephone operator and operating system version. When the user accesses the app, this data is sent to a server, which responds by displaying full-page ads and running ads in the background on the mobile phone. Malicious software can also subscribe to paid services without the user’s consent, and even install other malware on the smartphone.
In the worst case, the cybercriminals behind the trojan can still hijack the user’s WhatsApp account to apply scams and distribute the malware to other people. This is because the APK requires abusive permissions, such as access to SMS messages, which allows cybercriminals to check the verification codes received on the mobile.
Modified versions of WhatsApp are popular for bringing together many extra features and functions missing from the original app. With them, it is possible to leave the messenger interface colorful, simultaneously access more than one WhatsApp account, recover messages deleted by the sender and even hide the statuses of “online” and “typing…”. However, the use of these modified APKs poses a series of risks to the mobile phone and the privacy of users.
Using unofficial WhatsApp APKs is not recommended as it is not possible to determine if the applications are hosted on secure servers. As these illegal “clones” of the official messenger cannot be downloaded from the Android app store, they do not meet the protection criteria adopted by Google and may come bundled with malware, such as FMWhatsApp.
WhatsApp itself discourages the use of modifications, as the messenger cannot attest to the security practices practiced by APKs. So, if you have any mod installed on your cell phone, it is recommended that you uninstall the “cloned” version and use the official messenger again.