WhatsApp: a copy of the Android application hides malware, uninstall it urgently
Malware has been spotted in an unofficial copy of WhatsApp on Android. Available on alternative stores, this app has been infected with a dangerous trojan called Triada. According to Kaspersky, this malware is capable of extracting money from users.
According to Kaspersky cybersecurity researchers, FMWhatsApp, a modified version of the WhatsApp application, hides a dangerous malware called Triada. On alternative app stores to the Play Store and on APK stores, like APKMirror, it is possible to download transformed versions of a popular app.
These applications have been tampered with to provide functionality unavailable on the original version. Unfortunately, some of these apps hide malware. “We discovered that the Trojan Triada has infiltrated one of these modified versions of messaging called FMWhatsapp 16.80.0 with the Adware Development Kit (SDK)”, explains Kaspersky in a report published on August 24, 2021.
Like Joker, Triada is designed to loot users’ bank accounts
Once infiltrated on the smartphone of its victims, “The malware collects unique device identifiers (device ID, subscriber ID, MAC address) […] and the information they collect is sent to a remote server ”. Even more worrying, the Triada malware is also granted full access to users’ SMS.
“FMWhatsapp users grant the app permission to read their SMS messages” during installation, points out the report from Kaspersky. This is where the trap closes. The hackers are then able “Automatically register the victim for premium subscriptions, even if a confirmation code is required to complete the process”. In this way, they extract money from their victims. The Joker malware, which recently returned to the Play Store, does the same.
For the record, Triada is a Chinese malware that made a lot of talk in 2017 and 2019. The software had been preinstalled on many Chinese smartphones from low-cost manufacturers such as LEAGOO and Nomu. “We do not recommend using unofficial modifications to apps, especially WhatsApp mods. You could end up with an unwanted paid subscription, or even lose control of your account altogether ”, warns Kaspersky in the conclusion of his investigation.