Data Theft

Meta Sues App Developers to Steal Over One Million WhatsApp Accounts

Recently, a number of Chinese companies have been sued by Meta because they have created and used “unofficial” WhatsApp Android apps that were developed without the consent of WhatsApp.

It is estimated that the operators of these unofficial apps have stolen over one million WhatsApp accounts since May 2022 with the help of these unofficial apps. The court document said.

The following names have been found to be associated with them:-

  • HeyMods
  • Highlight Mobi
  • HeyWhatsApp

On the sites of each of these companies, as well as from the following stores, these malicious apps could be downloaded at any time:-

  • Google Play Store
  • APK Pure
  • APKSFree
  • iDescargar
  • Malavida

WhatsApp accounts theft

As soon as the malicious apps are installed on the phone, they are hijacked to send spam messages to the users by means of bundled malware capable of harvesting sensitive information, like authentication data.

The malicious apps also include the:-

  • AppUpdater for WhatsPlus 2021 GB Yo FM HeyMods
  • Theme Store for Zap

There have been over one million downloads of AppUpdater for WhatsPlus only, as its entry data on the Google Play Store depicts it.

Will Cathcart, the head of WhatsApp at Meta, issued the following warning to users during the month of July:- 

“For example, he mentioned the apps of HeyMods and HeyWhatsApp in his rant, asking people not to download modified versions of WhatsApp.”

It is always advised that users beware of these malicious apps, as they promise to offer enticing features but in reality, they are nothing more than a scam. The reason is that these malicious apps only steal personal information from people’s smartphones.

As soon as Meta discovered the malicious apps, they shared the information with Google and worked with them to take steps to combat them.

In mid-July, Google Play Protect, an app that ensures the protection of Android devices, released a new update that detects and disables malicious fake WhatsApp versions downloaded in the past.

Terms Breached

Specifically, a part of the complaint describes how malicious apps were used by the threat actors to hack WhatsApp accounts by stealing account information.

In its lawsuit, Meta alleges that the three companies have violated the terms of service and developer license agreement of WhatsApp.

By creating various WhatsApp accounts, Facebook Pages, and apps, the defendants agreed and committed to the following terms:-

  • WhatsApp Terms
  • Meta Terms
  • Platform Terms
  • Developer Policies

They breached their agreement with WhatsApp and Meta by taking illicit actions, resulting in WhatsApp suffering losses due to their actions.

Cyber Attack with Zero Trust Networking – Download Free E-Book

Balaji N

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

SSNDOB Marketplace Admin Jailed for Selling millions of Americans Data

In a resounding triumph for justice, U.S. District Judge Kathryn Kimball Mizelle has sentenced Vitalii…

10 hours ago

Is Your Online Store Hacked in a Carding Attack? Here’s an Action Plan to Protect

Hackers are plotting to benefit from the generosity of Halloween, Thanksgiving, and Christmas shoppers using…

14 hours ago

Google Researchers Find Out How ChatGPT Queries Can Collect Personal Data

The LLMs (Large Language Models) are evolving rapidly with continuous advancements in their research and…

14 hours ago

New Android Malware Employs Various Tactics to Deceive Malware Analyst

In the dynamic realm of mobile application security, cybercriminals employ ever more sophisticated forms of…

16 hours ago

DJvu Ransomware Mimic as Cracked Software to Compromise Computers

A recent campaign has been observed to be delivering DJvu ransomware through a loader that…

17 hours ago

Okta Hack: Threat Actors Downloaded all Customer Support System Users’ Data

In a pivotal update to the Okta security incident divulged in October 2023, Okta Security…

18 hours ago