A malicious mod (unofficial modification) of the popular WhatsApp messenger called FMWhatsapp has been discovered.
In WhatsApp, the mod spreads the Triada mobile Trojan, which downloads other Trojans and can launch ads, issue subscriptions, and intercept a user’s SMSs, says cybersecurity firm Kaspersky.
Even though WhatsApp is one of the most popular apps for instant mobile messaging, not all users are satisfied with its features.
Looking for the most user-friendly version, people can be tempted to install modified versions of WhatsApp, which provide many more options than the official one such as choosing dynamic templates or the ability to read deleted messages.
In such apps, Kaspersky says creators often publish various ads to monetise their work. On the flip side, there are fraudsters taking advantage of this, often distributing malicious code through advertising.
An example of this is FMWhatsapp – the 16.80.0 version – which includes the Triada Trojan and one of the ad libraries.
In the dangerous version of the FMWhatsapp mod, the Triada Trojan acts as a mediator. First, it collects data about the user’s mobile device and then, at the owner’s command, downloads one of the other Trojans to the smartphone, explains Kaspersky.
These Trojans can independently launch ads, issue paid subscriptions to the device owner and even log into the WhatsApp account, intercepting the SMS to confirm login – leaving the victim vulnerable to illegal activity through their phone.
“With this app, it is hard for users to recognise the potential threat because the mod application actually does what is proposed – it adds additional features,” says Igor Golovin, security expert at Kaspersky.
“However, we have observed how cybercriminals have started to spread malicious files through the ad blocks in such apps. That is why we recommend you only use messenger software downloaded from official app stores. They may lack some additional functions, but they will not install a bunch of malware on your smartphone,”he concludes.
To stay safe, experts also recommend:
- Only installing applications from official stores and reliable resources
- Remembering to check which permissions you give installed applications – some of them can be very dangerous
- Installing a reliable mobile antivirus on your smartphone which detects and prevents possible threats.