1. Home
  2. >>
  3. whatsapp
  4. >>
  5. Beware of the fake version of WhatsApp for iPhone: steal your phone data

Beware of the fake version of WhatsApp for iPhone: steal your phone data



Beware of the fake version of WhatsApp for iPhone: steal your phone data

The messaging platform WhatsApp It is one of the most popular applications in the world; It’s no wonder that many hackers try to exploit its popularity to break into the phones and digital lives of potential victims. The latest attack that was discovered with WhatsApp as the protagonist, however, is unusual and comes from our country: it is a wrong version of the app that has been offered for months in iphone users and that it doesn’t actually contain the actual messaging platform, but rather a special set of instructions that can communicate it remotely hidden confidential data On the phone. The system, according to the first attempts to reconstruct its operation, appears to have been manufactured by the Italian company Cy4Gate for sale for surveillance purposes.

The fake WhatsApp app

The complaint came from Motherboard in collaboration with computer technicians from the Citizen Lab of the University of Toronto. The team found evidence that the intrusion system was advertised online as the messaging app: Some sites have implemented graphics specifically related to those of the Facebook group, with instructions on how to install the app on iPhones. The downloads offered contained an MDM configuration file– A special profile that defines the behavior of the iPhone according to certain parameters, which is generally used in the company to provide employees’ phones with special parameters for internal communications.

How the attack works

Apple did not make it easy to download and activate that profile, simply because exposes phones to potential vulnerabilities. For this reason, on the site discovered by the researchers, there were detailed instructions on how to perform the operation. Victims who fell for the scam implicitly gave hackers the ability to install unapproved software from the App Store, such as the fake version of WhatsApp advertised on the site. The result was a phone capable of remotely sending data, such as the SIM card and device identification code, along with a host of other information that the researchers were unable to isolate.

Italian authors

Analysis of the websites found online and used to spread the intrusion system leads toItalian company: the surveillance company Cy4Gate, whose clients include also institutional subjects inside and outside our borders, like the United Arab Emirates. It is not clear for what purpose and for how long the fake version of WhatsApp was used, or precisely by whom and against whom; According to the researchers, however, the attack was not designed to spread like wildfire: the installation page is supposed to have been offered, through means such as email, text messages and social networks, to a limited number of topics of interest to Cy4Gate customers. .