Some WhatsApp mods, which are unofficial versions of the app, have been found to contain hidden spyware. This spyware is designed to steal personal information from your device. It’s alarming because it could put your privacy at risk.
What are WhatsApp Mods?
WhatsApp mods are unofficial, altered versions of the popular messaging app WhatsApp. There are benevolent variations of them, but we are talking of one which has been modified to include malicious code. In general using modified versions or “mods” of popular messaging apps can pose significant risks. These mods, created by third-party developers, may offer enticing features but can also harbor spyware and malicious code.
- Modded apps often bypass the official security measures, making your data more vulnerable.
- Mods are typically downloaded from unverified sources, making it easy for cybercriminals to distribute spyware.
- Spyware hidden within mods can steal sensitive personal information, compromising your privacy.
- It can be a breeding ground for various malware, not just spyware, which can harm your device and data.
Just for a disclaimer – I am not claiming all the WhatsApp mods are malicious. There are modifications clear of any malicious intent. Nonetheless, using mods for messengers are an obvious security risk, for the reasons listed above.
Infected WhatsApp Mods – How Do They Work?
Throughout the last time, analysts started detecting a huge amount of malicious mods that share a couple of things in common. All of them are promoted in Telegram, and target users from Arabic countries, particularly Middle Eastern ones. Though, a more important thing is the presence of the same malicious module that sits right into such an app.
Infected mods of WhatsApp contain not just visible changes, but also malicious code that allows it to perform all the dirty deeds. Then, the thing launches the spy module within the WhatsApp spy mod, particularly when the phone is powered on or starts charging.
This spy module harvests sensitive information from the infected device, including the IMEI, phone number, mobile country code, and mobile network code. Additionally, it requests configuration details like data upload paths and intervals for communication with the command-and-control (C&C) server. The module also transmits information about the victim’s contacts and accounts every five minutes.
Distribution Channels
Experts have discovered that these spyware-laden WhatsApp mods are distributed through the popular messaging app Telegram channels, those in Arabic and Azeri languages. And some channels on Telegram are being used to spread these harmful mods. These channels boasted a subscriber base of two million users. Telegram swiftly received notifications about the activities taking place on these channels. Experts diligently downloaded the versions of these mods from the channels. Unsurprisingly, they uncovered a spy module in each one, confirming their suspicions.
In addition to Telegram channels, these infected mods are distributed through websites dedicated to WhatsApp modifications.
Malicious WhatsApp Mods Target Middle East Users
The spyware has targeted Arabic-speaking users in particular, with messages sent to the spyware’s control server being in Arabic. This suggests that the person behind the spyware is likely fluent in Arabic.
The top five countries with the highest number of attacks were Azerbaijan, Saudi Arabia, Yemen, Turkey, and Egypt.
How to Stay Safe
To protect yourself, it’s essential to be cautious when using unofficial or modded apps. Stick to the official versions of apps like WhatsApp to ensure your privacy and security. Using official apps ensures you’re not putting your personal information at risk.
If you’re tempted by the additional features offered by modded apps, consider using a reputable security solution to protect your device. A good security app can help detect and block any malware, giving you peace of mind when using third-party apps.
It’s always better to be safe than sorry when it comes to your online privacy. Stick to official apps, use security software, and stay vigilant against potential threats. Your privacy is worth it.