Unofficial version of whatsApp is stealing personal data – Here’s how to protect yourself
The analysts found out that the latest version of this fake app is stealing WhatsApp keys
A fake version of WhatsApp is gaining popularity. The version is stealing personal data and accounts from over thousands of users. Analysts at the cybersecurity company Kaspersky shared a report in this aspect.
The unofficial version is named ‘YoWhatsApp’ and it has all the functional features that the original messenger app has. It steals access keys for user accounts and even uses the same permissions as the standard WhatsApp does. The app is also advertised on other fake, scam applications such as Vidmate and Snaptube.
Unlike the original version of WhatsApp, YoWhatsApp assigns you two numbers which you can connect to a single account. It also offers additional features such as viewing the messages deleted, adding passwords to chats and anonymous messaging as well.
The analysts found out that the latest version of this fake app is stealing WhatsApp keys and also letting hackers take control of accounts. These stolen keys are then sent to the developer’s remote server.
Kaspersky’s analysts have revealed that the keys can be used in open-source utilities to connect and do actions as the user without the actual client.
Although it is unclear if the keys have been used for attacks yet, however, it is still seriously concerning because it can lead to account takeovers, impersonation to close contacts and even data leaks.
In addition to this, the app has Triada Trojan in it which leaves an open backdoor to the app. This can exploit app permissions and register the user to paid subscriptions without requiring permission.
Other than this version, there are some other fake ones as well. But none of these are available on Google Play Store and therefore, cannot harm users at the time of writing.
How to protect yourself
Fake versions of different applications offer a wide variety of features that the original might lack which is their strategy of targeting users to download them. These apps might seem intriguing but they put your privacy and security at risk.
No matter what the unofficial apps claim, always use the original and official ones. They are much more secure and you wouldn’t fear data breach using them.
What are your views on this? Share in the comments bar below.
