An Android malware known as Triada has been discovered being used by YoWhatsApp, an unauthorized variant of the well-known WhatsApp messaging software.
The malware’s objective, according to a recent report from Kaspersky, is to steal the keys that “enable the operation of a WhatsApp account without the app.” A user of a malicious WhatsApp mod risked losing control of their account if the keys were stolen.
Users of YoWhatsApp have the option to lock chats, send messages to numbers that haven’t been stored, and change the app’s theme. Additionally, it is rumored to have similarities to other modified WhatsApp apps like FMWhatsApp and HeyMods.
According to the Russian cybersecurity firm, YoWhatsApp version 2.22.11.75 contains the malicious feature.
The program asks the users to grant it permission to view SMS messages when they first install it, which allows the malware to sign the victims up for premium subscriptions without their knowledge. It is typically distributed through fraudulent adverts on Snaptube and Vidmate.
If the keys are successfully stolen, the account may be completely compromised, allowing the attacker to view chat messages and potentially assume the victim’s identity to send spam and commit financial fraud.