An Italian surveillance company has reportedly made a fake WhatsApp application for iOS, this app is used to target users and gather sensitive data.
According to a report by researchers from digital rights watchdog Citizen Lab (reported via Motherboard), some iPhone users were thus tricked into installing this fake version of WhatsApp. This suppose application was likely linked to an Italian surveillance company, Cy4gate. Furthermore, reports states that, the hackers did not mean to spread the fake app all around but instead was only targeted at specific users only.
Additionally, report shows that this fake version of the WhatsApp can get hold of information like “the UDID, or Unique Device Identifier assigned to each iOS device by Apple; and alsothe IMEI or International Mobile Equipment Identity, which is thus a unique code that is used to identify cellphones devices”.
In line with this report, the page that was created to trick the users into downloading the fake version of the app looked exactly like the actual WhatsApp home website and it laid out the step-by-step process to download, install the app. .
According to a statement by a WhatsApp spokesperson to Citizen Lab who made it clear that..
“We do not ask for these user privileges and people should be very suspicious of any app trying to do so. We strongly oppose abuse from spyware companies, regardless of their clientele. Modifying WhatsApp to harm others violates our terms of service. We have and will continue to take action against such abuse, including in court”.
The spokesperson furthermore admonish WhatsApp users to always download the app from the designated app store only.
Meanwhile, Previous week, a security company ZecOps went on twitter with a tweet about the attack on iOS users..
And in iOS world: iOS 14.4 patched two vulnerabilities that may have been exploited in the wild: Including both WebKit, and Kernel: hinting that they might have been used in 1-click attacks. To protect yourself: we advise to update to the latest iOS version. pic.twitter.com/4gFl63FdUK
— ZecOps (@ZecOps) January 26, 2021
Motherboard reached out to the accused party, Cy4gate, regarding the same issue. As per the report, the company refused the accusation saying the “config domains” that traced back to them is not “attributable to the suppose company.” However, the company’s spokesperson confirmed that “all verification as been carried out and the domain sure do belong to the company”.