The defendants built malicious applications to transmit the user’s credentials.
Meta has filed lawsuits against entities operating as “HeyMods,” “Highlight Mobi,” and “HeyWhatsApp” for hijacking over a million accounts via unauthorized WhatsApp Android applications.
According to the lawsuit, the malware-filled programs were accessible on several APK websites and even the Google Play Store. The complaint submitted to the US District Court in San Francisco claims that “victims were requested to input their WhatsApp user credentials after they installed the Malicious Applications.” The defendants built the malicious applications to transmit the user’s credentials to WhatsApp’s systems and steal the user’s account keys and authentication details.
The programs in question include, among others, “AppUpdater for WhatsPlus 2021 GB Yo FM HeyMods” and “Theme Store for Zap.” According to Bleeping Computer, the later program was downloaded more than a million times from the Google Play Store. Will Cathcart, the head of WhatsApp, issued a warning to users, claiming that the fraudulent applications “were essentially a hoax to steal personal information saved on people’s phones.”
He continued by saying that Google was informed of Meta’s findings, and in July, Google Play Protect was modified to recognize and remove the fraudulent applications. In order to keep HeyMods and other people like them accountable, he added, “We’re also pursuing enforcement action against HeyMods… and will investigate legal possibilities.”