Site icon TechNewsBoy.com

This WhatsApp Android knock-off is hijacking user accounts

Multiple WhatsApp knockoff applications have been discovered stealing the legitimate WhatsApp user access keys, researchers have found. 

With these keys, the apps’ authors can run all kinds of malicious campaigns, including one where the victims lose their hard-earned money.

Cybersecurity researchers from Kaspersky recently discovered two messaging apps (opens in new tab) for Android, obviously targeting WhatsApp users. One is called YoWhatsApp, and the other WhatsApp Plus. Both these apps offer pretty much the same functionalities as the actual WhatsApp app, and then some. As per the report, YoWhatsApp apparently also comes with a customizable interface, and individual chat room blocks.

Stealing access keys

What users don’t see, however, is these apps stealing legitimate WhatsApp’s access keys and sending them to the knockoff’s authors, giving the attackers access to the victims’ user accounts. 

According to Kaspersky, the keys can be used in open-source utilities and allow attackers to perform various actions without the user’s consent. Besides actions, the attackers can also eavesdrop on the conversations, steal identity (opens in new tab) data, and similar.

The researchers also said the attackers could use this access to subscribe the victims to premium services, charging them in the process and generating income.

The apps were being advertised via a couple of legitimate Android apps, and Kaspersky suspects the developers did not know they were being used to advertise malware. The authors have since been notified, and Kaspersky expects these distribution channels to be closed soon. Still, users that downloaded these apps will be at risk for as long as the apps are installed on their endpoints.

Popular Android apps have many knock-offs, and while not all of them are malicious, it would be best to just stay away from them, researchers suggest. These kinds of apps are rarely found on Google’s official app repository, the Play Store, and can rather be downloaded as an .APK, from third-party sources. That, alone, should be enough of a red flag, they say.

Via: BleepingComputer (opens in new tab)

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – abuse@technewsboy.com. The content will be deleted within 24 hours.
Exit mobile version