Knock-off WhatsApp on Android uses malware to steal your account — delete it now

WhatsApp logo on Android phone
(Image credit: Getty Images / Avishek Das/ SOPA Images / LightRocket)

Malicious WhatsApp mods on Android have been discovered using malware to take over users' accounts, allowing hackers to impersonate victims, send spam, and even set up paid subscriptions.

Spotted by cybersecurity experts Kaspersky, knock-off messaging apps of the popular messaging platform, including "YoWhatsApp" and "Whatsapp Plus," used malicious code in a new version of their dedicated apps in a known malware labeled Triada Trojan.

In YoWhatsApp version, a malicious module allows the app to steal keys for the legitimate WhatsApp, giving threat actors the ability to take over a user's account. As the report points out, these keys also allow the use of a WhatsApp account without actually having the app. 

(Image credit: Kaspersky)

YoWhatsApp asks for the same permissions as WhatsApp, including access to SMS, meaning the same permissions are then granted to the Triada Trojan malware. The cybercriminals can then take control of the account, with the user losing access, to send messages impersonating the user, send malicious spam, and set up paid subscriptions — generating a profit without the user's knowledge.  

The unofficial apps are spread ads in popular apps such as Snaptube and Vidmate. YoWhatsApp is known to be a fully functioning messenger app, but adds different features from the official WhatsApp app including a customizable interface and blocking access to individual chats. Not all WhatsApp mods are malicious, but the ones discovered now contain malicious code.

The cybersecurity site notified Snaptube about the malicious app being pushed on its ad platform, meaning its distribution should stop soon. There aren't any known victims the report specifies, but it's a good idea to stay away from these apps.

Kaspersky had previously investigated this malware last year in another modified WhatsApp build called "FMWhatsApp." Now, the code has been spotted in other Android apps.

Watch out for unofficial apps

There are a number of knock-off apps found on Android, offering different features from popular apps that may be of interest to many. However, these are at risk of being set up by hackers looking to steal private information. Earlier this year, we even spotted malware-infested Android apps stealing money.

Despite these apps being advertised on trusted platforms, this doesn't mean they can be trusted. Be aware of what apps you download on Android, and stick to the official apps to stay clear of any malware threat.

The best antivirus apps will help keep an array of threats at bay, including ransomware, spyware, and adware. Recently, we saw a new Android spyware that could record your camera for blackmail, so you'll also want to know whether its worth covering up your camera

Darragh Murphy

Darragh Murphy is fascinated by all things bizarre, which usually leads to assorted coverage varying from washing machines designed for AirPods to the mischievous world of cyberattacks. Whether it's connecting Scar from The Lion King to two-factor authentication or turning his love for gadgets into a fabricated rap battle from 8 Mile, he believes there’s always a quirky spin to be made. With a Master’s degree in Magazine Journalism from The University of Sheffield, along with short stints at Kerrang! and Exposed Magazine, Darragh started his career writing about the tech industry at Time Out Dubai and ShortList Dubai, covering everything from the latest iPhone models and Huawei laptops to massive Esports events in the Middle East. Now, he can be found proudly diving into gaming, gadgets, and letting readers know the joys of docking stations for Laptop Mag.