Meta warns Android users of new malware hiding in WhatsApp, YouTube apps
Meta, owners of Facebook, Messenger, Instagram, and WhatsApp has raised an alarm over a dangerous new malware strain hiding in bogus YouTube and WhatsApp apps. The company in its latest Quarterly Adversarial Threat Report 2022, said the new Dracarys malware is being injected into fake versions of popular apps such as WhatsApp and Youtube.
According to the report, this malware strain is capable of stealing call logs, contact information, files, SMS texts, geolocation and device details from an Android device as well as taking photos secretly, enabling the phone or tablet’s microphone.
The latest report revealed that the Dracarys malware is named after the Game of Thrones Battle Cry dragon, which is run by the hacking group APT. This hacking group has been said to attack users from UK, New Zealand, India and Pakistan.
- Meta in the Q2 2022 report said: “We found Bitter using a new custom Android malware family we named Dracarys. Notably, it used accessibility services, a feature in the Android operating system to assist users with disabilities, to automatically click through and grant the app certain permissions without the user having to do it.”
- “Bitter injected Dracarys into trojanized (non-official) versions of YouTube, Signal, Telegram, WhatsApp, and custom chat applications capable of accessing call logs, contacts, files, text messages, geolocation, device information, taking photos, enabling microphone, and installing apps. While the malware functionality is fairly standard, as of this writing, malware and its supporting infrastructure has not been detected by existing public anti-virus systems. It shows that Bitter has managed to reimplement common malicious functionality in a way that went undetected by the security community for some time,” it added.
How to protect yourself against the malware
Experts advised that the best way to get protected against such malware is never to download unofficial or fake apps of apps like WhatsApp, YouTube, or Telegram. While the threat of malware remains present on the third-party APK website as well, experts say Android users should download official apps from the Google Play Store itself.