Kaspersky Finds Something Dangerous on WhatsApp Mod

WhatsApp.
Sumber :
  • Getty Images

Jakarta – Kaspersky researchers recently uncovered a new malicious WhatsApp spy mod, which is now proliferating within another popular messenger, Telegram. 

While the modification fulfills its intended purpose by expanding the user experience, the malware secretly collects the victims' personal data. 

With an extensive reach surpassing 340,000 in just one month, this malware predominantly targets users who communicate in Arabic and Azeri, though victims have been identified globally. Azerbaijan, Saudi Arabia, Yemen, Turkiye, and Egypt witnessed the highest attack rates.

WhatsApp.

Photo :
  • Unsplash

Users often turn to third-party mods for popular messaging apps to add extra features. But, some of these mods, while enhancing functionally also come with hidden malware. 

Kaspersky has identified a new WhatsApp mod offering not only additions like scheduled messages and customizable options, but it also contains a malicious spyware module. 

The modified WhatsApp client’s manifest file includes suspicious components (a service and a broadcast receiver) not present in the original version. 

The receiver initiates a service, launching the spy module when the phone is powered on or charging. Once activated, the malicious implant sends a request with device information to the attacker’s server. 

This data covers IMEI, phone number, country and network codes, and more. It also transmits victim’s contacts and account details every five minutes; it is also able to set up microphone recordings and exfiltrate files from external storage.

"People naturally trust apps from highly followed sources, but fraudsters exploit his trust. The spread of malicious mods through popular third-party platforms highlights the importance of using official IM clients," said Dmitry Kalinin, security expert at Kaspersky. 

"However, if you need some extra features not presented in the original client, you should consider employing a reputable security solution before installing third-party software, as it will protect your data from being compromised. For robust personal data protection, always download apps from official app stores or official websites,” Kalinin continued. 

WhatsApp.

Photo :
  • Misrohatun Hasanah

To stay safe, Kalinin recommends these ways: 

1. Only use the Official Market: Download apps and software from official and reputable sources. Avoid third-party app stores, as the risk of them hosting malicious or compromised apps is higher.

2. Install reputable antivirus and anti-malware software on your device. Scan your device regularly for potential threats and keep your security software up to date.

3. Educate yourself about common online fraud schemes: Stay informed about the latest cyber threats, techniques and tactics. Beware of suspicious or urgent requests and offers for personal or financial information.

4. Third-party software from popular sources often comes with no warranty. Keep in mind that such applications may contain malicious implants, for example as a result of supply chain attacks.