WhatsApp is currently the most popular messaging app used around the world. It has more than 1 billion active users that use it as their primary source for chatting with friends, sharing information, pictures, videos and even location. This also makes it quite the medium for hackers to spread spyware and other malicious apps, and now a new one that can go through your WhatsApp conversation is expectd to join the list soon. Also Read - WhatsApp: How to check all the deleted messages in the messaging appAlso Read - WhatsApp multi-device mode could be released soon
The spyware was spotted by an ESET researcher Lukas Stefanko (reported by ZNET). He states that the software can not only go through messages but also has a variety of other surveillance features that give it access to other elements in the app and on the device. That said, the software still seems to be under the development stage, as it was spotted in an open development project online. Also Read - Here's how WhatsApp users can create Messenger Rooms
According to the report, G DATA ScurityLabs was able to uncover the malware s code in a public repository titled “OwnMe” on GitHub. It states that the malware consists of a MainActivity.class which can launch the OwnMe.class service. This will trigger a pop-up message to the user which reads, “Service started,”
The fact that the message pops up on the users screen further hints at the device being in the development stage. However, it is not expected to be a part of the final build, as majority of malware are generally designed to carry out actions on the device without being sited.
Once the OwnMe.class is called, the malware begins the startExploit() function. It will even establish a connection with the server if the device has Internet access. Among its intrusive features, the report mentions that the software also has a screenshot feature. However, it doesn t seem to be finished and neither does it send any information to the servers.
There is also another feature included which can upload the user’s WhatsApp database to a command-and-control (C2) center using a .php query. The Malware can get access to data such as browsing history, bookmarks, URLs, photo gallery, camera, and even CPU usage.
Watch: Vivo V11 Pro First Look
That said, the report does state that there is possibility that the software might not get to see the light of the day. However, WhatsApp users still need to be careful, as the number of mobile malware has gone up by 54 percent since 2016. There are said to be about 27,000 variants available currently.