Chinese app makers are being sued by Meta for breaching more than 1 million WhatsApp accounts

HeyMods, Highlight Mobi, and HeyWhatsapp, a Chinese company, are said to have created “malicious” variants of the instant messaging service owned by Meta that “fooled over one million WhatsApp users into self-compromising their accounts as part of an account takeover attack.”

Between May and July 2022, the malicious applications were allegedly accessible for download on a number of platforms, including the Google Play Store, APK Pure, APKSFree, iDescargar, and Malavida.

Some of these modified WhatsApp were downloaded one million times, according to the case submitted to the US District Court in San Francisco and cited by Bleeping Computer. The programme encourages users to submit their WhatsApp user credentials and validate their WhatsApp access to the malicious applications once they download the malware-filled apps (such as Theme Store for Zap and AppUpdater for WhatsPlus 2021 GB Yo FM HeyMods). Attackers may get access to private messages and other data if they are successful.

Since many businesses are situated on Chinese territory, it is unclear where these developers are legally entitled to operate. According to the lawsuit, the defendants (Chinese businesses) “knowingly aimed and targeted their scheme towards Meta and WhatsApp, who have their major places of business in California,” and as a result, the court has “personal jurisdiction” over them. It effectively indicates that when defendants created separate WhatsApp accounts, they did so in accordance with and were bound by the WhatsApp Terms.

According to Meta’s lawsuit, “victims were required to input their WhatsApp user credentials and authenticate their WhatsApp access on the Malicious Applications after they installed the Malicious Applications.” The malicious applications were coded by the defendants to transmit the user’s credentials to WhatsApp’s systems and gather their account keys and authentication details (collectively, “access information”).

Will Cathcart, the CEO of WhatsApp, issued a similar warning to users in July of this year, advising them not to download any modified versions of the programme because they represent a major risk to their account security and privacy.

“These applications claimed to have new functions but were really simply a cover to get users’ personal data, Cathcart tweeted. “We’ve informed Google of our findings and collaborated with them to fight the malicious applications.”

If you see that your friends or relatives are using a different version of WhatsApp, please urge them to only download it from a reputable app store or through our official website at http://WhatsApp.com/dl, he added.