Meta sues Chinese app developers for compromising over 1 million WhatsApp accounts

Facebook’s parent company, Meta, has sued a set of Chinese app developers said to have developed unofficial versions of WhatsApp to trick users into handing over their login credentials.

Meta says that over 1 million WhatsApp accounts have been compromised.

The Chinese-based business, known as HeyMods, Highlight Mobi, and HeyWhatsapp, are believed to have developed “malicious” versions of the Meta-owned instant messaging app that “mislead over one million WhatsApp users into self-compromising their accounts as part of an account takeover attack.”

According to Meta’s complaint, the malicious apps were available for download on multiple platforms, including the Google Play Store, APK Pure, APKSFree, iDescargar and Malavida, between May and July 2022.

“Beginning no later than May 2022 continuing until at least July 2022, Defendants facilitated an account takeover attack targeting WhatsApp and its users,” the complaint reads. The defendants “developed and distributed on various websites, including heymods.com and the Google Play Store, at least two Malicious Applications and multiple versions thereof, which contained malware and were designed to trick victims into self-compromising their WhatsApp accounts.”

Meta says that, once installed, the malware-ridden apps harvested user info to hijack WhatsApp accounts and send spam messages from compromised accounts.

"After victims installed the Malicious Applications, they were prompted to enter their WhatsApp user credentials and authenticate their WhatsApp access on the Malicious Applications," Meta’s complaint says. "The Defendants programmed the Malicious Applications to communicate the user's credentials to WhatsApp's computers and obtain the users' account keys and authentication information (collectively, 'access information')."

In July of this year, the head of WhatsApp, Will Cathcart, also warned users not to download any modified versions of the application as they pose a serious threat to their privacy and account security.

"These apps promised new features but were just a scam to steal personal information stored on people's phones,” Cathcart tweeted. “We've shared what we found with Google and worked with them to combat the malicious apps."

“If you see friends or family using a different form of WhatsApp please encourage them to only use WhatsApp from a trusted app store or our official website directly at http://WhatsApp.com/dl,” he added.

Bitdefender security solutions cater to all your digital needs. To protect against malicious software you may unwittingly download on your phone, check out Bitdefender Mobile Security for Android.

Our dedicated mobile security solution helps you avoid cyberthreats with a comprehensive malware scanner, automated scanning of newly installed apps and an anti-phishing module to protect against scams and fraudulent webpages.