Cybersecurity researchers at Kaspersky Security Labs have recently identified an unofficial version of WhatsApp for Android, which is dubbed by experts “YoWhatsApp.”
This unofficial version of WhatsApp is mainly designed to steal users’ account access keys or login credentials. There are many unofficial versions of legitimate apps that are advertised as being unofficial versions.
While these unofficial versions lure users by advertising features that the official versions do not have. Though YoWhatsApp is an unofficial version of WhatsApp, but, it’s a fully working messenger with some key additional features like we have mentioned below:-
There is no difference between YoWhatsApp and the standard WhatsApp application in terms of permissions. The promotion of this unofficial Android mod is done using ads on popular Android apps such as the following ones:
In the latest version of YoWhatsApp, version 2.22.11.75, the threat actors were able to obtain the keys to the WhatsApp accounts of their victims and take full control.
It is claimed that YoWhatsApp will allow users to send files up to 700 MB using their service. While there is a limit of 100 MB per file that can be sent from the official app to your contacts, and this makes the YoWhatsApp more appealing.
In a modified version of WhatsApp, the app sends the user’s access keys to a server located remotely on the developer’s server.
With the use of these keys, open-source utilities may be able to connect and perform actions without requiring a client application to be installed.
Triada Trojan is delivered in this mod that can perform the following functions:-
Over the last two months, Kaspersky has reported that over 3,600 users have been targeted by cybercriminals. A YoWhatsApp clone called WhatsApp Plus has also been detected by Kaspersky as a threat.
The same malicious functionality is also included in this version of the program. It has been discovered that it uses the same VidMate app ad network to spread.
Here below we have mentioned all the recommendations:-
Also Read: Download Secure Web Filtering – Free E-book
The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS devices.…
White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch Experts…
Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan exploits…
The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on organizations…
Google has updated its Chrome browser, addressing critical vulnerabilities that posed potential risks to millions…
WrnRAT is a new malware attack that cybercriminals have deployed by using popular gambling games…