WhatsApp Users Warning! Your chats may be read by others; this 'Indian' malware can hack even your passwords

COMMERCIAL BREAK
SCROLL TO CONTINUE READING

WhatsApp users, your chat poses a big threat to your privacy. Others may actually get to read your private chats! Whatsapp is one of the most popular messaging apps in the world. It has over 1.5 billion strong user base which records over 65 billion messages daily. However, in a big revelation, it has been claimed that WhatsApp users on Android phones are under a big threat of getting their phones hacked and data stolen by this shockingly invasive malware.

An ESET researcher Lukas Stefanko has discovered two Android-based spyware which he claimed to be 'Open Source' type. He claimed that one of these has been developed by someone in India. These are capable of hacking your phone and stealing not only your private chats but also your secret data like documents and password.

"New Android Spy in the game. Spreads as fake #Viber via web that mimics Google Play. Functionality: (i) steal #WhatsApp media and document files (ii) #WeChat media (iii) all taken pictures (iv) files from Download dir (v) record phone calls," he said in a tweet.

In another Tweet, he claimed to have discovered another spyware allegedly developed in India. This particular malware is open source and is capable of spying on browsing history, photos, WhatsApp conversation, files, contacts, SMS etc.

"Spying backdoor or surveillance malware? In two days I found two different Android spy families. This one with help of @CryptoInsane. Spies on: (i) browsing history (ii) photos (iii) WhatsApp conversation db (iv) upload files (v) contacts (vi) SMS (vii) battery status. IoC:D7AB404CE9660C696485F59B98710D8F," he said.

A ZDNet report claimed that an investigation by by G DATA SecurityLabs into the new spyware revealed the malware's code in a public repository titled "OwnMe" on GitHub.

"The malware consists of a MainActivity.class which launches the OwnMe.class service. A pop-up message is then shown to the Android user with the text, "Service started," which implies the malware is still in development, said the report.

The report said that the service begins with the startExploit() function. If the spyware gets the access to the internet, it established a connection to a server to send the users data.

Watch This Zee Business Video

"Such kinds of malware spread via phishing campaigns and third-party app stores where malicious hackers bind malware with a real looking application or distribute them in the form of cracks, mods and free ‘paid apps’ which affect the victims that download them," said Ankush Johar, Director & Partner at Infosec Ventures.

Users should stay vigilant and take the necessary precaution mentioned below:

* Always check what all permission the app requires the users to allow before installation. Stay cautious with permissions that don't seem legitimate, for instance, if a calculator app wants to access your call logs or messages it is clear that the app wants unnecessary permission and can be malicious. Trust your gut!

* Don’t download apps from unknown sources, they can be infected with data-stealing malware hidden behind a genuine looking app. Stay away from pirated apps

* Do not enter your confidential details like your bank account details etc on any application other than the one that the data belongs to. Ie. your bank app.

* For added security, set your app store settings to “Do not allow third-party app downloads from untrusted sites.”

* Google recently launched “Google play protect”. Make sure that the application is verified by “Google Play Protect” else avoid downloading the app even from the play store.

* Check reviews and ratings given by others users who have installed the application. If the ratings are unsatisfactory it is not preferable to download the app.

* Check the number of downloads, if the number of downloads is less than 50k, it may be risky to download the app.

* Check the app for spelling errors, grammatical errors or logos that appear to be poorly designed. These may point to malicious or simply ill-managed apps.

* If there is an invalid email address and no official website then it is likely that it is a fake app.

* If the application contains lots of advertising or pop-ups then it's better to uninstall the app as it may be designed for phishing purposes

* Its always good to have a reputed antivirus/antimalware app in your smart-device as it will keep protected from most attacks.

* Finally, THINK BEFORE YOU CLICK!