A new version of the unofficial WhatsApp app called YoWhatsApp has been found to steal access keys to user accounts. Kaspersky researchersdiscovered that YoWhatsApp v2.22.11.75 sends the user’s access key to the attacker’s server. Attackers can use keys to take over accounts, steal private communications, and impersonate users. YoWhatsApp is mainly advertised through the video downloader Snaptube. Security researchers also discovered another YoWhatsApp clone, WhatsApp Plus, spread through the VidMate app, containing the same malicious functionality. While not all unofficial WhatsApp apps are malicious, it is wiser to use the official app whenever possible.
This article is reprinted from: https://www.solidot.org/story?sid=73052
This site is for inclusion only, and the copyright belongs to the original author.