A new WhatsApp malware is capable of reading your chats, sending spam and even listening to your calls. The most curious thing about this discovery is that the computer virus is pre-installed on cheap Android phones.
This means that if you are one of those who buy counterfeit versions associated with popular smartphone brands, you could be at high risk. As far as we know there are at least four cell phone models that have this situation. The worst thing is that most contain multiple Trojans that attack applications such as WhatsApp Business and WhatsApp. The discovered virus has infected at least models like the P48pro, Redmi note 8, Note30u and Mate40.
Doctor Web, the security company that discovered this Trojan, explained that the virus embeds itself with the libmtd.so libraries used by WhatsApp and WhatsApp Business. Next, it proceeds to launch a third backdoor with which plug-ins are downloaded and installed from a remote server. This way you get access to the app’s files and so you can read your conversations. It would also have the possibility to send spam and even listen to your calls from the application.
It may interest you: This malware could steal your WhatsApp messages
How does the Trojan operate?
The application, which is already pre-installed on the cell phone model, has the ability to filter very detailed data from the device on which it is installed. It can even download and install other types of software without the user noticing. This way backdoors are opened and even when Trojans can install software, they are embedded in downloads as part of applications. The origin of this type of malicious application is probably in a family of Android.FakeUpdates Trojans that was already discovered many years ago. These are able to embed themselves into various system components such as update software.
Image: Anton at Pexels.com