Kaspersky Lab has discovered a dangerous Trojan in YoWhatsApp, an unofficial version of the popular WhatsApp messaging application. The Trojan in question goes by the name ‘Triada’, an old acquaintance in cybersecurity environments that has been used in other malicious developments.
The modification of applications such as Meta that dominates the world’s messaging solutions are an effective method for distributing malware by capitalizing on the interest and popularity of software used by hundreds of millions of users. It is a constant. Cybercriminals take advantage of any application, service or event with a massive impact.
YoWhatsApp offers users the ability to block chats, send messages to unsaved numbers, and customize the app with a variety of theme options. It also shares code and features with other modded WhatsApp clients like FMWhatsApp and HeyMods.
The point is that it comes with a very dangerous ‘little gift’. The Russian security company Kaspersky has warned of the presence of the Triada Trojan in version 2.22.11.75 of YoWhatsApp. Usually spread via scam advertisements on Snaptube and Vidmate, this app asks victims to grant it permissions to access SMS messages, which already allows the Trojan to enroll them in the first place. paid subscriptions without your knowledge.
Furthermore, and once installed, the Trojan will try to steal the WhatsApp passwords and if that happens, it will allow the attacker to access the chat messages and impersonate the victim to send unwanted mail (spam) and carry out financial fraud. In addition to losing control of the account, it would be very easy to spread this or another malware to your contacts.
This development comes after Meta filed a lawsuit against Chinese and Taiwanese developers for distributing unofficial WhatsApp apps, including HeyMods, which ended up compromising half a million accounts. Just over a year ago, Triada malware was also discovered in similar mods, FMWhatsApp.
“Cybercriminals are increasingly using the power of legitimate software to distribute malicious applications”the Kaspersky researchers conclude to warn of these mods (some very attractive to extend the functionalities of the original software), but with which extreme care must be taken.
