"WhatsApp Users Beware: Dangerous Mobile Trojan Being Distributed via Malicious Mod"
Researchers discovered a threat actor distributing a data-stealing mobile Trojan through a spoofed version of YoWhatsApp, a relatively popular modified version of the WhatsApp messaging app. Users who install the app risk having their WhatsApp account information stolen and being signed up for paid subscriptions unknowingly. Researchers recently discovered the threat and identified the Trojan as Triada, a malware tool that was discovered last year being distributed similarly via another malicious version of YoWhatsApp. WhatsApp mods are unofficial, modified versions of the social media app that include features and functionality that the official version lacks, such as additional privacy, custom backgrounds, and bulk messaging. Because these modified social media apps are unofficial, they are not available on Google or Apple's official mobile app stores. Therefore, users who want them must download them from unofficial sources, a practice that security experts have long warned is particularly risky. However, some users do it anyway because they believe the extra functionality is worth the risk. Organizations that use WhatsApp for workplace communication should be aware of such threats. An employee who uses the malicious YoWhatsApp version may end up leaking sensitive business information or having their account used in phishing scams and spam sending. This article continues to discuss the discovery of a modified version of the WhatsApp messaging application distributing Triada.