WhatsApp Hacked; One Million Accounts Stolen

Meta Filed Lawsuit Against Chinese

WhatsApp hosts billions of users that span the globe, these loyal individuals accessed the communication’s platform constantly, on a daily basis. With that advent, the popular social media platform has always been a prime target for dark web hackers in their scamming campaigns.

Since this year, WhatsApp accounts have reportedly been breached and stolen numerous times by threat actors. For the recently reported hijacking of more than 1 million WhatsApp accounts, the owner Meta, who is the parent company of Facebook, had filed a multi-million dollar lawsuit suing three app developers listed as the defendants.

Meta’s lawsuit, according to the court record, was filed in May 2022. The Mark Zuckerberg led company had named numerous Chinese developers that have illegally operated what is termed as “unofficial” WhatsApp Android apps. According to Meta’s claim, the unofficial usage allows them to steal one million or more WhatsApp accounts. The Chinese developers sued are HeyMods, HeyWhatsApp, and Highlight Mobi.

Meta’s lawsuit charged that malicious programs belonging to the defendants were reportedly downloaded from their respective websites. They were also available on the Google Play Store, ready for download as APK Pure, APKSFree, iDescargar, and Malavida.

WhatsApp Accounts Hijacked

According to the lawsuit, the malicious software, upon installation, utilizes the WhatsApp authentication process, It had also stole users’ sensitive data after hijacking WhatsApp users’ accounts, these accounts were then used for transmitting their spam campaigns. The downloaded Apps were listed as the AppUpdater for WhatsPlus 2021 GB Yo FM HeyMods and Theme Store for Zap.

“Victims were prompted to enter their WhatsApp user credentials and confirm their WhatsApp access on the Malicious Applications after they installed the Malicious Applications,” according to the filed legal documents.

The security breach indicates that coded malicious applications were used to steal and transmit WhatsApp users’ credentials. The defendants are accused of collecting these users’ authentication details and account keys. In addition, retrieved Google Play Store records show that over a million Android users have unknowingly installed the malicious AppUpdater for WhatsPlus.

Downloaded Apps Disabled

In July, Will Cathcart, at Meta, issued several warnings about the illegally modified versions of WhatsApp. Cathcart also warned WhatsApp users not to download the HeyMods and HeyWhatsApp apps from the Google Play Store.

Recent reports also indicated that the bootlegged Apps were contaminated with dangerous malware. The virus was found in the “Hey WhatsApp” and the “HeyMods” Apps, which were distributed by both developers on the Google Play Store.

In July, Meta informed Google of the illegal use of WhatsApp, since then, Google has upgraded Android’s Google Play Protect, which recognizes and disables fake versions of WhatsApp already downloaded on smartphones.

Meta’s listed grievances are for the violation of WhatsApp’s terms of service. In addition, the lawsuit focuses on how the defendants’ malicious programs hijacked WhatsApp accounts and stole the users’ private credentials. The stolen data was later used in spam campaigns, most of which were centered around the gambling industry.

Meta’s lawsuit also claimed other losses for WhatsApp, the amount includes the monetary resources used to uncover the three developers’ fraudulent scheme.