WhatsApp has intercepted attempts to hack user login credentials on a fake imitation of the app available on the Google Play Store. The unverified app, YoWhatsApp, continues to be hosted on other Android apps, such as Vidmate and Snaptube, that in part can be blamed for promoting the app and the theft of thousands of users’ data.

The malware-infected version tricks users by copying well-known WhatsApp features and appears at first glance to the legitimate app.

The illegitimate app also deceives users into thinking they are downloading the latest update of WhatsApp onto their smart phones and devices with optimised, new features including personalised chat interfaces.

The bad actor, a type of Trojan called Triada, is integrated into YoWhatsApp which steals access keys and sends them to the app developer who can gain access individual user accounts. Hackers can then exploit many forms of personal data in the person’s profile settings or in exchanged communications despite the assumption that WhatsApp is highly encrypted.

Users have been warned to be more vigilant of imposter apps on the Google Play Store, App Store which will not be securely encrypted as the original.

Trends are emerging in malware and cyber attacks becoming a more regular occurrence as technology evolves. Techniques are varied and sometimes require a user action such as downloading or installing a fraudulent application or clicking on a link for personal data to be sent to an offender. Misleading requests may ask a user to enable permissions on the app to access SMS messages, enabling the bad actor to enrol them to paid subscriptions without consent.

Other well-known apps and digital services that we use in our daily lives have fallen victim to similar malware attacks. Imposter Zoom websites, like zoomus[.]website and zoom-download[.]space, were also set up so users were tricked into downloading Vidar malware in an attack called typosquatting. This form of attach involves registering near-identical domain names to those of credible websites of established companies, knowing that consumers trust popular websites with safeguarding their sensitive data.