WhatsApp Plus app can be used for installing malware and stealing Android users’ information
A new spam campaign is promoting fake WhatsApp Plus application for Android users. Surprisingly, author of malware managed to post a comment on cybersecurity blog. It was enough for researchers to dig deeper what this malicious app hides. It seems that it might be used for stealing personal information.
The analysis has shown that it’s a new version WhatsApp riskware which was detected last year. The cyber threat is identified as Android/PUP.Riskware.Wtaspin.GB, but has some novelties compared with the previous version.
However, the distribution method of this variant of WhatsApp virus is quite interesting. A user named Amar Srivastava wrote a comment on a cybersecurity blog with an active download link:
now a days whatsapp is one the most popular messaging app in internet but i will prefer whatsapp plus download for users because it have lots of features than whatsapp
Obviously, English is not the primary language of the developer of the potentially dangerous app. However, the app itself can be used for stealing sensitive information, such as phone numbers, logins, pictures, etc.
Installing fake WhatsApp app and taking advantage of non-existent features
Researchers downloaded the app from the link included in the spam comment. Following app installation, the malware displays a ridiculous hoax telling that app is outdated. The fake WhatsApp offers to download an update from the Google Play Store or speed up the procedure and click on a green “Download” button on the same screen.
Of course, no one has time to look up for the app on the Store. However, clicking the “Download” button leads to the Arabic website full of ads. After skipping those aggressive pop-ups, potential victims should see the website that belongs to a developer called Abu explains what is WhatsApp Plus and offers to download it.
The description on the fake WhatsApp download site tells about additional functionality, such as being able to send more than 100 pictures to contacts, alter privacy settings or hide the fact that you received or read the message. It goes without saying that such functionality is unavailable.
Malicious features of the fake Android app
After downloading and supposedly updating the app, users are asked to verify their phone number. Then it shows app changelog with all the fixes that are being installed, and as soon as you click OK button, you end up on a WhatsApp application which seems to be working.
However, while you try to chat with your friends and take advantage of WhatsApp Plus features, the malicious app might try to steal your personal information. Researchers tell that its features resemble spyware, meaning that it can be used for obtaining sensitive data which may lead to serious privacy-related issues.
The source code of WhatsApp Plus is similar to previous variants of this Android virus that imitates a popular communication app. The main difference is that this app redirects to Arabic “Update” website.
Currently, WhatsApp virus does not seem to steal information from the affected device. However, it’s still riskware which has to be removed immediately. Meanwhile, Android users are reminded to stick to Google Play Store which contains less malicious apps than third-party stores.
Prevent websites, ISP, and other parties from tracking you
Private Internet Access is a VPN that can prevent your Internet Service Provider, the government, and third-parties from tracking your online and allow you to stay completely anonymous. The software provides dedicated servers for torrenting and streaming, ensuring optimal performance and not slowing you down. You can also bypass geo-restrictions and view such services as Netflix, BBC, Disney+, and other popular streaming services without limitations, regardless of where you are.
A VPN is also crucial when it comes to user privacy. Online trackers such as cookies can not only be used by social media platforms and other websites but also your Internet Service Provider and the government. Even if you apply the most secure settings via your web browser, you can still be tracked via apps that you are connected to the internet. Besides, privacy-focused browsers like Tor is are not an optimal choice due to diminished connection speed.
Therefore, to stay completely anonymous and prevent the ISP and the government from spying on you, you should employ Private Internet Access VPN. It will allow you to connect to the internet while being completely anonymous, prevent trackers, ads, as well as malicious content. Most importantly, you will prevent the illegal surveillance activities that NSA and other governmental institutions are performing behind your back.
Recover your lost files quickly
Unforeseen circumstances can happen at any time while using the computer: it can turn off due to a power cut, a Blue Screen of Death (BSoD) can occur, or random Windows updates can decide to reboot the machine when you went away for a few minutes. As a result, your schoolwork, important documents, and other data might be lost.
Additionally, you might also be attacked by malware that can corrupt your Windows or encrypt files with a robust encryption algorithm, and ask for a ransom in Bitcoin for the decryption tool. Cybercriminals might not deliver what they promised, however, so it is better to attempt alternative file recovery methods that could help you to retrieve at least some portion of the lost data.
Data recovery software is one of the options that could help you recover your files. Once you delete a file, it does not vanish into thin air – it remains on your system as long as no new data is written on top of it. Data Recovery Pro is recovery software that searchers for working copies of deleted files within your hard drive. By using the tool, you can prevent loss of valuable documents, school work, personal pictures, and other crucial files.