WhatsApp is one of the most popular instant messaging apps in the world, boasting over 2 billion monthly active users. Its popularity has led to the emergence of numerous mods or modifications, often offering additional features or enhancements, but they can also pose risks.
WhatsApp mods are unofficial modifications of the original WhatsApp app created by independent developers. These modifications often offer additional features or enhancements such as customized themes, new stickers, increased privacy settings, and various customization functions.
Usually, modded apps are not available in official app stores like Google Play and the App Store because they violate policies, so they must be downloaded in APK format from websites that do not guarantee their security.
While many people use mods like GBWhatsApp, WhatsApp Plus, and YoWhatsApp daily, a new study shows that WhatsApp modifications are often not secure and could contain malware or vulnerabilities that cybercriminals can exploit.
The study, conducted by Kaspersky Lab, found that many analyzed WhatsApp mods contained trojans, infecting devices with spyware, allowing attackers to spy on victims and even record them using the microphone.
“After being installed on the victim’s smartphone, an infected WhatsApp mod waits for the phone to turn on or be put on charge to launch the spy module,” Kaspersky noted in their publication. “It contacts one of the corresponding C2 servers and uploads various information about the device, such as the phone number, IMEI, mobile network code, etc. Additionally, the spyware trojan sends information about the victim’s contacts and accounts to the server every five minutes, while awaiting further commands.”
To prevent your mobile from being infected with malware, ensure you only install apps from trusted websites, search for reviews or comments online about the apps, and keep your device updated. And remember, hardly anything on the internet is entirely free.