YoWhatsApp promised to be an alternative client for WhatsApp, which allowed us to get more out of the messaging app with functions that are not included by default. This app also operated with the same permissions as the original WhatsApp, which, in theory, shouldn’t set off anyone’s alarms.
However, although they have been on the Google app store for a long time, and have even been promoted through supposedly legit advertising platforms, the hackers behind this app have made a mistake. And Kaspersky has realized this.
The app steals WhatsApp keys and allows you to take controlYoWhatsApp developers have taken advantage of the latest update of this unofficial WhatsApp client, 188.8.131.52, to hide malicious code inside. Thanks to it, when users log in with their WhatsApp account in this app, the code is responsible for stealing the account’s authentication and encryption keys and sending them to hackers.
With these keys, any user can take full control of any user’s account and use it both to read the messages that have been sent and to send their own messages to other users, even without leaving a trace.
This app has been promoted through very popular applications, such as Snaptube, a very complete tool for downloading all kinds of videos from the Internet. As soon as Kaspersky detected the threat, he notified the platform, which removed the ads for this app from its website. Of course, the security firm has found other alternative WhatsApp clients, such as whatsapp plus, which use the same technique both to advertise themselves (through advertisements on popular websites and platforms) and to steal the passwords of their victims’ WhatsApp clients. Therefore, it is difficult to know how far this campaign goes.
It is not the first time something like this happens. Last year, without going any further, Kaspersky also detected that a very famous WhatsApp mod, fmwhatsapp, it had been purposefully modified to hide the Triada Trojan inside. And, when a victim installed the app on his Android, he took complete control of it without raising the slightest suspicion.
Target against WhatsApp clients
The only way to stay safe when using WhatsApp is to use the authentic app, also downloaded from the App Store or Play Store on iOS and Android respectively. Anything outside of it not only jeopardizes our privacy, but may also result in Meta preventing us from using their service any further.