Cybersecurity firm Kaspersky has provided information about this malware.
Mumbai: If you are planning to download and run WhatsApp from the Play Store, you need to be careful as a new Trojan has been found in an updated version of Android WhatsApp, called Trojan Triada. It is capable of downloading malware payloads, which can perform malicious activities on the device without the user’s permission.
Cybersecurity firm Kaspersky has reported on the malware, and its researchers have reported in a recent report that the Trojan Triada has affected an updated version of WhatsApp, FMWhatsApp 16.80.0. These apps provide users with additional features that are not present in the original app.
Kaspersky added that the Trojan Triada has accessed a newer version of FMWhatsApp through the Advertising Software Development Kit (SDK). By launching a Trojan-infected app, they are collecting unique device identifiers. Including device ID, customer ID, MAC address, etc. After collecting this data, it sends it to the remote server.
This server registers the new device and sends the link payload back. After that, the Trojan present in the app downloads the payload to the infected device and decrypts the content and launches it for operation. Researchers have identified a number of such malware, which are working to steal people’s data through FMWhatsApp.
This includes showing full-screen ads, running invisible ads in the background, and signing up for paid subscriptions to device owners without their knowledge.
Kaspersky said that since FMWhatsApp users allow the app to read SMS from their device, Trojan and its other malicious modules can take advantage of it. These users can easily sign up for a paid subscription, requiring a confirmation message or SMS to complete the process.