Unofficial WhatsApp Mod, YoWhatsApp, Steals Android Users’ Accounts, Says Kaspersky

An unofficial WhatsApp mod that goes by the name YoWhatsApp has been caught stealing accounts of Android users after gaining access to their login credentials.

It turns out that its latest version gains a new ability, which allows it to access the keys of WhatsApp users.

Unofficial WhatsApp Mod, YoWhatsApp, Steals Android Users’ Accounts, Kaspersky Discovers
Visitors walk at the Mobile World Congress (MWC) in Barcelona on February 25, 2019. - Phone makers will focus on foldable screens and the introduction of blazing fast 5G wireless networks at the world's biggest mobile fair starting February 25 in Spain as they try to reverse a decline in sales of smartphones. by GABRIEL BOUYS/AFP via Getty Images

Unofficial WhatsApp Mod YoWhatsApp

According to a recent report by Bleeping Computer, the unofficial mod of the Meta-owned messaging service so-called "YoWhatsApp" is a messenger app.

It allows Android users to use the WhatsApp messaging service without having to install the official app. And as such, the unofficial mod also gains the same permissions that the original counterpart has.

However, unlike the official WhatsApp app, the Android mod entices users with additional functionalities, such as customization features.

It provides options that let users change the color of the icon, as well as the specific chats. And besides the color options, it also comes with various emojis.

Interestingly, the unofficial WhatsApp mod also claims to expand the limit of sending files up to 700 MB. On the other hand, the official app only allows users to send files taking up to 100 MB to their contacts.

Bleeping Computer notes in its report that the said mod is highly promoted through advertisements on other Android platforms, such as Vidmate and Snaptube.

All that said, some Android users have gone on to install it despite the risks that come with it.

YoWhatsApp Reportedly Steals Android Users' Accounts

It turns out that the latest version of YoWhatsApp, v2.22.11.75, steals the login credentials of WhatsApp users on Android. In turn, Bleeping Computer reports that it could potentially allow hackers to take over the accounts of the users of the WhatsApp mod.

Whatsapp
This picture taken in Moscow on October 5, 2021 shows the US instant messaging software Whatsapp logo on a smartphone screen. - Major social media services including Facebook, Instagram and WhatsApp were hit by a massive outage on October 4, 2021, tracking sites showed, impacting potentially tens of millions of users. by KIRILL KUDRYAVTSEV/AFP via Getty Images

The Russian cybersecurity firm, Kaspersky, discovered that YoWhatsApp has been stealing the access keys of its users. The mod reportedly sends out the keys of WhatsApp accounts to a remote server of its developers.

The cybersecurity service says that "the malicious module stole various keys required for legitimate WhatsApp to work."

However, it should be noted that the Russian firm did not mention if the stolen keys of users have been used to take over their accounts. Yet, Kaspersky still warns the threat actors could actually do so, given that the access keys have now been stolen.

Although the unofficial mod of WhatsApp is not available on the Google Play Store. Kaspersky learned that YoWhatsApp persistently appears on the Snaptube app. And once an Android user taps on the ad, it lets them install it.

This article is owned by Tech Times

Written by Teejay Boris

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics