Follow Us:
Thursday, August 05, 2021

Fake WhatsApp version, allegedly by a spyware vendor, used to target select users: Report

The news about the fake WhatsApp version was first brought to notice by security company ZecOps as they tweeted about the cyberattack.

By: Tech Desk | New Delhi |
Updated: February 4, 2021 5:43:22 pm
happy new year, happy new year 2021, happy new year 2021 whatsapp stickers, happy new year 2021 sticker, happy new year 2021 wishes sticker, happy new year 2021 whatsapp wishes, happy new year wishes,happy new year images, happy new year pics, happy new year 2021 wishes, happy new year 2021 quotes, happy new year quotes, happy new year status, happy new year pics, happy new year whatsapp stickers, happy new year whatsapp images, happy new year images download, WhatsApp, How to create WhatsApp stickers, 2021 New Year wishes, 2021 new year whatsapp stickers, WhatsApp stickers, 2021 New Year status, 2021 New Year quotes, new year, new year wishes, new year quotes, 2021 new year images, new year whatsapp, new year whatsapp images, new year whatsapp photos, new year WhatsApp stickers, happy new year, happy new year images, happy new year stickers, happy new year whatsapp stickers, happy new year whatsapp images, happy new year whatsapp photos, 2021 new year, new year 2021WhatsApp has confirmed that it will take appropriate action against the fake verison of its app

A fake version of WhatsApp for iPhones was allegedly designed by Cy4Gate, an Italian surveillance company, according to a report by Motherboard and Toronto-based Citizen Lab. The installation of the fake version of WhatsApp was likely used to attack specific targets, according to the report.

Cy4Gate has denied that they created the spyware product or any link to the domain names, which were found in connection with the attack.

The news about a WhatsApp-based attack on iPhone users was first highlighted by security company ZecOps, which tweeted about the same. Later, Citizen Lab worked with Motherboard to find the counterfeit version of the instant messaging app. Citizen Lab has previously reported in detail about how NSO Group’s Pegasus spyware was used to target select users by exploiting a vulnerability in WhatsApp.

According to Citizen Lab, the creators of the spyware tricked targeted users into installing these fake WhatsApp configuration files on their smartphones. The stolen data includes Unique Device Identifier (UDID), International Mobile Equipment Identity (IMEI) among other information, adds the report.

A specific domain along with an IP address was used to trick victims into installing Mobile Device Management (MDM) profiles, which then pushed “malware into a target device”.  The domain clusters are believed to be linked to Cy4Gate, a charge the company denies.

Citizen Lab also found a phishing page in Italian that has been made to look like an official WhatsApp site. The page says, “To keep in touch with your friends press the ‘download’ button and follow the instructions on the page,” in Italian. The page also has instructions regarding how to install the configuration file on iPhone, instead of simply downloading it from the App store.

The report notes that when opened, the file says it is from “WhatsApp Inc.” for “WhatsApp Messenger,” which would have further confused the intended victims.

However, the researchers were unable to figure out what other information the hackers were able to steal once they had managed to successfully enter a target device.

A WhatsApp spokesperson already confirmed that action will be taken against the counterfeit app. Currently, Facebook and WhatsApp are in a legal battle against Israeli spyware maker NSO Group that spied on targets worldwide.

📣 The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines

For all the latest Technology News, download Indian Express App.

  • The Indian Express website has been rated GREEN for its credibility and trustworthiness by Newsguard, a global service that rates news sources for their journalistic standards.