{"id":1246,"date":"2025-08-01T14:25:36","date_gmt":"2025-08-01T13:25:36","guid":{"rendered":"https:\/\/zerothcode.com\/blog\/?p=1246"},"modified":"2025-08-01T14:25:36","modified_gmt":"2025-08-01T13:25:36","slug":"modified-whatsapp-app-caught-infecting-android-devices-malware","status":"publish","type":"post","link":"https:\/\/zerothcode.com\/blog\/modified-whatsapp-app-caught-infecting-android-devices-malware\/","title":{"rendered":"Modified WhatsApp App Caught Infecting Android Devices with Malware"},"content":{"rendered":"
\"WhatsApp
WhatsApp Malware<\/figcaption><\/figure>\n

 <\/p>\n

An unofficial version (WhatsApp Malware) of the popular WhatsApp messaging app called YoWhatsApp\u00a0<\/b>has been observed deploying an Android trojan known as Triada.<\/p>\n

The goal of the malware is to steal the keys that “allow the use of a WhatsApp account\u00a0without the app<\/a>,” Kaspersky said in a new report. “If the keys are stolen, a user of a malicious WhatsApp mod can lose control over their account.” WhatsApp Malware<\/p>\n

YoWhatsApp offers the ability for users to lock chats, send messages to unsaved numbers, and customize the app with a variety of theming options. It’s also said to share overlaps with other modded WhatsApp clients such as FMWhatsApp and HeyMods. WhatsApp Malware<\/p>\n

WhatsApp Malware – The Russian cybersecurity company said it found the malicious functionality in YoWhatsApp version 2.22.11.75.<\/p>\n

\"WhatsApp
WhatsApp Malware<\/figcaption><\/figure>\n

 <\/p>\n

Typically spread through fraudulent ads on Snaptube and Vidmate, the app, upon installation, requests the victims to grant it permissions to access SMS messages, enabling the malware to enroll them to paid subscriptions without their knowledge.<\/p>\n

A successful theft of the keys can lead to a total compromise of the account, allowing the adversary to access chat messages and even impersonate the victim to send malspam and conduct financial fraud. WhatsApp Malware<\/p>\n

The development comes amid Meta Platforms\u00a0filing a lawsuit\u00a0against three developers in China and Taiwan for distributing unofficial WhatsApp apps, including HeyMods, that resulted in the compromise of over one million user accounts.<\/p>\n

The findings also arrive a little over a year after threat actors were found delivering the Triada malware through FMWhatsApp. WhatsApp Malware<\/p>\n

“Cybercriminals are increasingly using the power of legitimate software to distribute malicious apps,” the researchers pointed out. “This means that users who choose popular apps and official installation sources, may still fall victim to them.”<\/p>\n

Apple Removes macOS Feature That Allowed Apps to Bypass Firewall Security<\/a><\/p><\/blockquote>\n