As one of the world’s most popular messaging applications, WhatsApp is a well-known tool, even in the business world. More notable is that WhatsApp—a platform known for its end-to-end encryption and security—now has a modified and unofficial version called YoWhatsApp, which has been deploying malware to unsuspecting users.
YoWhatsApp is an unofficial version of WhatsApp that can be downloaded and installed on a mobile device. The developers have touted the ability to lock chats, send messages to unsaved numbers, and customize the app with themes. It should be noted that this is just one of many unofficial WhatsApp versions out there that have similar features to this.
Enhanced versions of messaging platforms are not a new concept, either. Think back to the early 2000s when AOL Instant Messenger was popular; there were plenty of tools out there that allowed users to remove ads, remain anonymous, or add new features. These kinds of tools also came with an added security risk, with some containing malware or other threats.
YoWhatsApp is just another symptom of this long-standing problem.
The Kaspersky Report detailing the risks of using YoWhatsApp found that it distributes Android malware called the Triada Trojan. This malware was also discovered on FMWhatsApp, another modified version of the application.
Triada can control your SMS messages, enroll you in paid subscriptions without your consent or knowledge, impersonate you, and send spam or other malicious content to contacts. This creates a vicious cycle that spreads the threats continuously.
As far as we know, WhatsApp itself is a safe application, but the third-party versions should not be considered to have the same level of security.
Even though third-party “enhanced” versions of software are not new, you shouldn’t use them if you can help it, as they are often not as secure or supported as the official versions of the software. For example, if someone made a knock-off version of Microsoft Office and a critical security flaw was found in the official version, Microsoft can be counted on to patch it, whereas the third-party application could potentially go unpatched. Plus, if a hacker wants to steal money or infect user devices, it’s relatively easy for them to create a “better” version of a popular app, then use it to take advantage of unsuspecting users.
You should always know what you’re installing on your devices, be they mobile devices or your workstations. TechNet Task Group can help you keep your devices secure and safe. To learn more, contact us today at (716) 685-1181.