You have to be careful about which apps you install, because you never know what could be a dangerous knockoff trying to steal your data. One prime example of this has been revealed by security researchers at Kaspersky (opens in new tab), which has revealed two fake WhatsApp Android apps that aim to steal user access keys.
The two apps are called “YoWhatsApp” and “WhatsApp Plus," and are designed to offer special features in addition to the usual suite of WhatsApp tools. The Kaspersky report (via Bleeping Computer (opens in new tab)) notes that YoWhatsApp offers a customizable interface and individual chat room blocks.
Sadly, as is far too common, these apps have a nefarious purpose: stealing user access keys with the help of the Triada Trojan. Once those keys have been acquired, it gives attackers the chance to access unwitting victims’ accounts.
This then allows the attackers to do various things without your consent, including subscribing you to premium services that they control. Gaining cyber criminals money, and draining your bank account in the process. Having access keys also gives hackers the ability to eavesdrop on conversations and steal personal data.
Other dangers include account takeover and impersonation, both of which could be used to spread malware or scams to your contacts — should the attackers feel the urge.
Kaspersky hasn’t said whether stolen access keys have been exploited yet, but revealed the knockoff apps were being advertised by other, legitimate apps like Snaptube and Vidmate. Though the company suspects that those apps had no clue they were being used to advertise malware and have since been notified.
Sadly, this kind of thing is not uncommon, and earlier this month WhatsApp parent company Meta sued multiple Chinese companies, which it accused of stealing over a million WhatsApp accounts (opens in new tab) via fake versions of WhatsApp.
Bleeping Computer notes that not all WhatsApp clones are deliberately malicious. That said, it's always safest to avoid these sorts of cloned apps, and stick to the official versions that aren’t trying to steal from you. Users with knock-off apps installed should also uninstall them as soon as they can.
It’s also recommended that you avoid side-loading apps via APK files, since they haven’t gone through the safety checks afforded by Google Play. Security on Google Play (and to a lesser extent Apple's App Store) is far from perfect, but it's a heck of a lot safer than installing software from unknown sources.