WhatsApp has been competing with other mod apps such as GB WhatsApp, FM WhatsApp and more due to the latter’s ability to add exciting designing and privacy features.
The Official WhatsApp application has adequate and pleasing design with a beautiful dark mode, however, the app is slow to add exciting features (disappearing messages feature) to it platform.
The WhatsApp mods like GB WhatsApp have a featured to hide one’s ‘last seen’ whilst being able to see others, as well as a lot of cool privacy features.
However, some of these mod apps had been found to be infected with malware.
FM WhatsApp mod infected with malware
Security researchers found that there was a trojan in a version of FM WhatsApp called ‘Trojan’ because it hides its real intent and yet can take control of a computer/phone.
According to them, the FM WhatsApp developers did not put this trojan in on purpose but rather, the malicious code was in the advertising software development kit they used to be able to display ads in their app.
The Trojan Triada they found is one nasty bastard of malware hence, when you launch your FM WhatsApp, the trojan springs into action and collects and sends your device details to a remote server. The server then sends a link where the trojan downloads a number of different types of malware.
These bits of malware are wicked:
- Some of them download and launch even more malware, including more trojans
- While some display full-screen ads
- Some display ads in the background
- As some sign the phone/tablet up for paid subscriptions. This is done via an invisible window. Since this usually results in a text message being sent to the device for confirmation, the malware intercepts the message. Remember, you have to give FM WhatsApp permission to read messages, and that’s how the trojan gets permission.
- Some sign in to other WhatsApp accounts on your phone, and who knows what they use those accounts for.
- Some use your phone to send spam to other people.
- All this is done in the background, except for the ads displayed in the foreground, and even the intercepted message is deleted so you never see it.
The version of FM WhatsApp that had this nasty trojan was 16.80.0. You might be using one that’s not infected, but can you know with 100% certainty that there are no ads being displayed in the background? You can’t know this if you are using a modded WhatsApp version.
That’s the risk we take with these modded WhatsApp versions.
What to do
If you suspect your phone could be infected, uninstall the modded WhatsApp program you have, be it FM or GB or WhatsApp+. Uninstall and run an antivirus program to see if there’s any more nasty stuff in the background.
However, even if there is no malware on your phone, uninstall the app to avoid having your account blocked. Yes! WhatsApp does block accounts for using these modded versions.
Sometimes apps may have vulnerabilities, not viruses or trojans, but just weaknesses that hackers can exploit. The vendors of these apps constantly release fixes for some of those vulnerabilities.
GB WhatsApp is not infected, but we don’t know with these sideloaded apps.
If you’re running FM WhatsApp, check to see that the version is not 16.80.0. This infected version is over 5 months old now and shouldn’t be working anymore. But I know some still adjust the date of their phones to avoid updating apps so I’m sure there is a number still using this version.
I leave you with the permissions you grant to your WhatsApp MOD, and therefore potentially to your trojans.
Below is the list of permissions required by FMWhatsApp to run. Make sure to read them properly before installing it.
|Kill Background Tasks
|Access Device Location
|Access WiFi, Bluetooth, Camera, Mike, NFC
|Modify Audio Settings
|Write External Storage
|Use Maps Services