Russian cybersecurity and anti-virus provider Kaspersky Labs has alerted users of an unofficial modification of the popular messaging app WhatsApp called FMWhasapp – the 16.80.0 version which includes the Triada Trojan and one of the ad libraries. Kaspersky detected the malicious implant as Trojan.AndroidOS.Triada.ef.
In this FMWhasapp mod, this particular Trojan acts as a mediator. First, this Trojan collects data on user’s mobile device, followed by downloading one of the other Trojans to the smartphone at the owner’s command. Cybercriminals often embed ads in these mods coupled with the features that users are looking for. These mods became even more dangerous due to their third-party ad modules through which malicious code can sneak in.
Also read: Apple, IBM, Insurance CEOs to work with White House to discuss cyber challenges
Besides ads, these Trojans issue paid subscriptions, intercept a user’s SMS and even accessing the user’s WhatsApp account. "With this app, it is hard for users to recognise the potential threat because the application actually does what it proposed -- it adds additional features. However, we have observed how cybercriminals have started to spread malicious files through the ad blocks in such apps. That is why we recommend you only use messenger software downloaded from official app stores. They may lack some additional functions, but they will not install a bunch of malware on your smartphone," security expert at Kaspersky Igor Golovin said.
It is highly recommended that one only uses the messenger software downloaded from the official app stores like Google Play Store and Apple App Store. In order to avoid getting malwares on their phone, users also need to check the permissions they have given for installed applications, some of which can be very dangerous. Users can also install a reliable antivirus on your phone which will help detect and prevent potential threats.
Also read: Yahoo shuts down news operations in India; Yahoo Mail continues to operate