Please wait, authorizing ...

Don't have an account? Register here today.


More than 340,000 attacks reported with new malicious WhatsApp mod


International. Kaspersky researchers announced the discovery of a new malicious mod to spy on WhatsApp that proliferates within the other popular messaging system: Telegram, due to a modification that seeks to improve the user experience.

However, this modification also clandestinely collects personal information from its victims. With a wide reach exceeding 340,000 downloads in just one month, this malware primarily targets users communicating in Arabic and Azerbaijani, although victims have been identified worldwide.

Users often turn to third-party mods for popular messaging apps to add extra features. However, some of these modifications, while improving functionality, also come with hidden malware. Kaspersky has identified a new WhatsApp mod that offers not only add-ons, such as scheduled messages and customizable options, but also a malicious spyware module.

The modified WhatsApp client manifest file includes suspicious components (a service and a streaming receiver) that are not present in the original version. The receiver initiates a service, starting the spy module when the phone is turned on or charging. Once activated, the malicious implant sends a request with device information to the attacker's server. This data covers IMEI, phone number, country and network codes, and more. It also transmits the victim's contacts and account details every five minutes, can set up microphone recordings, and can extract files from external storage.

- Publicidad -

The malicious version came through popular Telegram channels, mainly targeting Arabic and Azerbaijani speakers, and some of these channels boast nearly two million subscribers. Kaspersky's telemetry identified more than 340,000 attacks related to this mod in October alone. This threat emerged relatively recently and became active in mid-August 2023. Kaspersky researchers alerted Telegram to the issue.

Azerbaijan, Saudi Arabia, Yemen, Turkey and Egypt witnessed the highest attack rates. While the preference leans towards Arabic-speaking and Azerbaijani-speaking users, the malware has also affected people from the US, UK, Germany, Russia, and elsewhere.

Kaspersky products detect the Trojan with the following verdict: Trojan-Spy.AndroidOS.CanesSpy.

Duván Chaverra Agudelo
Author: Duván Chaverra Agudelo
Jefe Editorial en Latin Press, Inc,.
Comunicador Social y Periodista con experiencia de más de 16 años en medios de comunicación. Apasionado por la tecnología y por esta industria. [email protected]

No thoughts on “More than 340,000 attacks reported with new malicious WhatsApp mod”

• If you're already registered, please log in first. Your email will not be published.

Leave your comment

In reply to Some User
Suscribase Gratis

Webinar: Anviz ONE - Solución integral para pymes

Por: Rogelio Stelzer, Gerente comercial LATAM - Anviz Presentación de la nueva plataforma Anviz ONE, en donde se integran todas nuestras soluciones de control de acceso y asistencia, video seguridad, cerraduras inteligentes y otros sensores. En Anviz ONE el usuario podrá personalizar las opciones según su necesidad, de forma sencilla y desde cualquier sitio que tenga internet.

Webinar: Aplicaciones del IoT y digitalización en la industria logística

Se presentarán los siguientes temas: • Aplicaciones del IoT y digitalización en la industria logística. • Claves para decidir el socio en telecomunicaciones. • La última milla. • Nuevas estrategias de logística y seguimiento de activos sostenibles

Sesión 5: Milestone, Plataforma Abierta que Potencializa sus Instalaciones Manteniéndolas Protegidas

Genaro Sanchez, Channel Business Manager - MILESTONE

Sesión 4: Videovigilancia con Inteligencia Artificial para seguridad, procesos y mercado.

Luis Miguel Dávila, Area Sales Manager Central America and Caribbean Hanwha Vision - HANWHA

Sesión 3: Como usar la Videovigilancia hoy en día aplicando integraciones en Seguridad Electrónica

Luis Chávez, Director Comercial para México, Centro America y Caribe - IDIS
Load more...

Latest Newsletter