Google Play Store has recently removed many apps to secure its platform. But there are still modified versions of many apps on the Play Store, which can infect the user’s device. Now, a new trojan, called Trojan Triada, has been discovered in the modified version of WhatsApp for Android. The malware is capable of downloading a payload that furthers malicious activities on the device without the consent of the user.
As per cyber security firm Kaspersky, one of the most popular WhatsApp mods FMWhatsApp 16.80.0 contains a Trojan Triada virus. Once inside the device, it can download further harmful content. “Our mobile antivirus solution detects this malware as Trojan.AndroidOS.Triada.ef,” said Kaspersky.
What is FMWhatsApp?
As per the report, FMWhatsApp serves in-app ads to monetize its services. In fact, one of its ad libraries contains the Triada Trojan. Hackers or cyber attackers can deploy the Triada trojan onto the device of the user by making use of FMWhatsApp, and once it is deployed, it scans the data stored in the phone and then relays it back to the remote server of the hackers.
Triada Trojan pushes advertisements into the user’s device and forces them to subscribe to random services by making use of saved payment methods. What’s riskier is that it can gather information about the device such as Device IDs, Subscriber IDs, and MAC addresses. This data is then sent to a remote server which can then send a malicious payload to the smartphone. Thereafter, it decrypts the content and launches it for operation.
Researchers have discovered many different types of malware carrying out such activities through FMWhatsApp. There is another malware that can perform multiple functions on an infected device and that is full-screen advertising. It is further added that in addition to signing up for an unwanted paid subscription, users may also lose complete control of their accounts
Kaspersky has warned against downloading such apps. Igor Golovin of Kaspersky suggested to not use unofficial apps. He said, “We have observed how cybercriminals have started to spread malicious files through the ad blocks in such apps. That is why we recommend you only use messenger software downloaded from official app stores. They may lack some additional functions, but they will not install a bunch of malware on your smartphone.”
So, if you are someone who loves to use a modified WhatsApp app, then stay away from version 16.80.0 of FMWhatsApp. Downloading it can get you in trouble. It is advised to use only official versions of applications and install them from reliable platforms such as Apple App Store and Google Play Store.