A fake version of WhatsApp is circulating, stealing accounts and personal information from thousands of users. Analysts from the cybersecurity firm Kaspersky Lab shared the findings.
This unauthorized version is known as “YoWhatsApp,” and it is a fully functional messaging program that steals user account access credentials. It even has the same permissions as conventional WhatsApp and is promoted via advertisements on other scam applications like Snaptube and Vidmate.
However, unlike the original WhatsApp, YoWhatsApp allows you to link two cell phones to a single account and includes added capabilities such as anonymous texting, reading deleted messages, and password-protecting conversations.
The current version of YoWhatsApp (v126.96.36.199) is collecting WhatsApp keys, allowing attackers to gain control of your account, according to Kaspersky experts. The developer’s remote server receives the stolen WhatsApp keys.
These keys may be used in open-source tools to connect to the server and conduct operations as the user without using the client.
Although it is unknown if these keys have been used in any attacks so far, they are nonetheless causing for worry since they may lead to account takeovers, data breaches, impersonation of close contacts, and other issues.
The Triada Trojan is implanted in the app, leaving an open backdoor for the software. It may take advantage of app permissions to sign you up for premium subscriptions without your awareness.
Other phony WhatsApp versions exist, one of which is known as “WhatsApp Plus.” It has the same nasty features for account theft and more.
Fortunately, none of these applications is accessible on the Google Play Store, thus at the time of writing, they should not be able to damage most users.