A fake app of Facebook-owned Whatsapp is stealing users’ sensitive data and replacing it with malware, according to Malwarebytes.
The bogus app, named WhatsApp Plus, isn’t available on Apple App Store and Google Play Store but its Android Package (APK) file has been circulating on blogs and forums online.
When installed and loaded, the app starts with a gold WhatsApp logo the users to ‘agree’ to terms and conditions and press ‘Contiunue’.
Once they do so, a message shows up stating WhatsApp version you are trying to install is outdated.
The app asks the users to either go to Google Play Store to download the latest version or press a download button.
The app steals personal information of users such as their name, mobile number, photos, contacts and more
And when the ‘download’ button is tapped, users land on a webpage written in Arabic, where the download process finally begins.
Malwarebytes said Whatsapp plus appears to be a variant of Android/PUP.Riskware.Wtaspin.GB, a Fake WhatsApp riskware discovered back in mid-2017.
WhatsApp Plus offers extended functionality to its users, enabling them to use up to four accounts on a single device and hide ‘typing message’ notifications as well as double ticks and blue ‘read’ ticks.
However, at the same time, it steals the personal information of users such as their name, mobile number, photos, contacts and more.
WhatsApp Plus isn’t the only app involved in malicious activities on WhatsApp. Earlier this month, LifeHacker reported that an app called ‘Chatwatch’ is capable of tracking the activities of other users on the platform.
According to report, the app can estimate when a person in their contact list might be sleeping, by monitoring his durations of activity on WhatsApp and general usage patterns. It also tells its users that when people in their contacts have come online.
Besides that, the app can also make accurate guesses on whether two users are chatting with each other by combining data of their activity.