Meta has sued companies operating under the names “HeyMods”, “Highlight Mobi” and “HeyWhatsApp” for stealing more than 1 million accounts using the unofficial WhatsApp Android app, beeping computer reported. The malware-infected apps can be found on multiple APK sites and even on the Google Play Store, the complaint said.
“After victims install the malicious app, they are prompted for their WhatsApp user credentials,” according to the lawsuit filed in U.S. District Court in San Francisco. “The defendants programmed the malicious application to transmit the user’s credentials to WhatsApp’s computer and obtain the user’s account keys and authentication information.”
The apps in question are called “Zap Theme Store” and “AppUpdater for WhatsPlus 2021 GB Yo FM HeyMods” etc.The latter app has more than one million installs in the Google Play Store, according to beeping computer.
WhatsApp chief Will Cathcart has warned users against downloading fake apps, saying they are “just scams to steal personal information stored on people’s phones”. He added that Meta’s findings were shared with Google and that Google Play Protect was updated in July to detect and disable fake apps. “We are also taking enforcement action against HeyMods … and will explore legal options to hold HeyMods and others like them accountable,” he said.
Meta said the developers had actually violated their agreement, but the jurisdiction was unclear, as the complaint indicated that the companies were formed under the laws of three different regions: Hong Kong, Beijing and Taiwan.Regardless, Cathcart has some advice that generally applies to any app: “If you see a friend or family member using a different form of WhatsApp, encourage them to only use WhatsApp from a trusted app store or our official website , directly in http://WhatsApp.com/dl. “
All products featured by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. We may receive an affiliate commission if you purchase through one of these links. All prices are correct at the time of publication.