These YouTube and WhatsApp copycat apps are hiding malware

August 15, 2022

By Kim Komando

Your smartphone has many handy tools already built in when you open the box. But adding apps makes these pocket-sized computers even more impressive.

You can find apps to help with almost anything you can think of, from banking to translating languages to ways to stay organized. Tap or click here for nine apps everyone over 50 should download.

But you must be careful when looking for apps to add to your device. Cybercriminals are getting better at spoofing real apps to trick victims into downloading ones that are hiding malware. A new group of apps has been caught hiding malware, including YouTube and WhatsApp lookalikes. Read on to avoid these dangerous apps.

Here’s the backstory

Android devices are constantly in the cross-hairs of cyber criminals, who create malicious apps to infect their gadgets. Facebook’s parent company Meta has highlighted the severity of the problem, explaining in its 2022 second quarter Adversarial Threat Report that one hacker group is exploiting several legitimate apps.

Known as Bitter APT, the South Asian hacker collective’s attacks are “relatively low in sophistication” but still threaten Android users. Meta found the group using a malware variant known as Dracarys, hijacking accessibility services by granting apps permissions without the user knowing.

The malware gives cybercriminals access to your personal information. It can steal call logs, files, SMS text messages, contact information, device details and more. But the threats don’t stop there. The malware can also enable your phone’s camera and microphone to secretly take photos, videos and record conversations. Yikes!

The group of malicious apps includes spoofed versions of YouTube and WhatsApp. Here is the list of spoofed apps to avoid:

• YouTube
• Signal
• Telegram
• WhatsApp

Meta said that other chat applications capable of accessing call logs, contacts, files, and text messages could also be compromised and to avoid apps from third-party app stores. The group behind the bad apps has also been able to keep them from being detected by antivirus software.

“While the malware functionality is fairly standard, existing public antivirus systems have not detected its supporting infrastructure. It shows that Bitter has managed to reimplement common malicious functionality in a way that went undetected by the security community for some time,” Meta explains in the report.

What you can do about it

Even though official app stores like Google Play and Apple’s App Store sometimes let bad apps slip by their vetting process, it’s best to stick with official app stores. Third-party stores are more likely to have infected apps hiding in them.

Here are a few tips to avoid apps hiding malware:

• For Android users, turn on Google Play Protect by heading to Google Play Store > Profile > Play Protect > Settings and turn on Scan apps with Play Protect.
• Only download apps from official app stores. Always go to the official source and double-check that you are installing the correct app.
• Watch out for apps that use a similar logo to other popular apps or have similar functions. Also, check reviews to see if others are warning about suspicious activity.
• Pay attention to permissions. Stay away if an app wants full access to your text messages or notifications. 
• Keep your device updated. Always ensure your operating system and antivirus software is on the latest version.
• Have trustworthy antivirus software on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan of TotalAV Internet Security for only $19 at ProtectWithKim.com. That’s over 85% off the regular price!

Keep reading

Hackers are creating fake apps that mimic real ones – Don’t be fooled

These fake apps are stealing money from first-time cryptocurrency buyers