WhatsApp's cloned app spying on Indians via recording video, audio
Behind a large portion of Android spyware detection in the past four months was 'GB WhatsApp', a popular but cloned third-party version of WhatsApp, according to the report by cyber-security firm ESET
India is among the countries with the highest number of Android trojan detections and a cloned, third-party unofficial version of WhatsApp is leading in spying on people's chats in the country, a new report has warned.
Behind a large portion of Android spyware detection in the past four months was 'GB WhatsApp' -- a popular but cloned third-party version of WhatsApp, according to the report by cyber-security firm ESET.
Such malicious apps have a wide range of spying capabilities, including recording audio and video.
"The cloned app is not available on Google Play and, therefore, there are no security checks in place compared with the legitimate WhatsApp, and versions available on various download websites are riddled with malware," said the report.
India (35 per cent) was also ranked second after China (53 per cent) as the geolocation for bots making up the largest internet of things (IoT) botnet called 'Mozi' from May to August 2022.
The IoT botnet 'Mozi' saw the number of bots drop by 23 per cdnt from 500,000 compromised devices to 383,000 in May-August.
However, China and India continued to have the highest number of IoT bots geolocated inside the respective countries.
"These statistics confirm the assumption that the 'Mozi' botnet is on autopilot, running without human supervision since its reputed author was arrested in 2021," said the report.
Even with declining numbers, Russian IP addresses continued to be responsible for the largest portion of remote desktop protocol (RDP) attacks.
"Russia was also the country that was most targeted by ransomware, with some of the attacks being politically or ideologically motivated by the war," said Roman Kovac, Chief Research Officer at ESET.
The report also examined threats mostly impacting home users.
"In terms of threats directly affecting virtual and physical currencies, a web skimmer known as Magecart remains the leading threat going after online shoppers' credit card details," said Kovac.