Malware spreads through a modified version of the WhatsApp application

Developers release unofficial modified versions of WhatsApp.


Kaspersky has detected a malicious version of a modified version of the WhatsApp application.

Developers release unofficial modified versions of some popular applications, most notably WhatsApp.

But a modified version of this app, called FMWhatsapp, publishes a "Triada" Trojan that targets mobile phones, and is capable of downloading other "Trojans", launching ads, issuing subscriptions, as well as being able to intercept a user's SMS messages.

Although WhatsApp is one of the most popular smart applications for instant messaging in the world, its advantages do not satisfy all users, some of whom are attracted to install modified versions of WhatsApp, because such versions offer more options than it allows. The official version, such as the choice of dynamic templates, or the ability to read deleted messages.

Often, content creators in such applications publish various advertisements to monetize their work and make money from it, but there are fraudsters on the other side who take advantage of this to distribute malicious code through advertisements.

One example of this is the version (16.80.0) of the modified version of WhatsApp, called FMWhatsapp, which includes the Triada Trojan and a library of ads.

The “Trojan” collects data about the user’s mobile device, before downloading another “Trojan” to the smartphone, which he chooses from the group of “Trojans” based on the order of the party behind it.

Kaspersky experts recommend users to follow several measures to stay safe, including installing applications only from official stores and trusted sources, making sure to check the permissions granted to installed applications, as some of them may be dangerous, and installing a reliable antivirus solution on the mobile phone. , such as Kaspersky Internet Security for Android, which detects and blocks potential threats.