A group of hackers has designed a fake version of WhatsApp, very similar in appearance to the real thing, specifically aimed at users of iPhone with the purpose of steal information about them and their mobile devices.
The cybersecurity company ZecOps reported a few days ago that it had detected a attack against WhatsApp users on iOS. The post he shared on Twitter included a domain and an IP address.
The investigation carried out by Citizen Lab and Motherboard after the mentions of ZecOps have revealed that the discovered domain tried to trick iPhone users into installing a fake version of WhatsApp.
The link to the download was on a page that looked very similar to the legitimate one, and included the WhatsApp brand and instructions on how to install the application. Actually, as Citizen Lab found out, it was a file with a special configuration for iPhone devices.
The file It allowed hackers to obtain information from the victims, such as the UDID code, unique for each iPhone, or the IMEI identifier, which identifies each mobile device. However, from Citizen Lab they acknowledge that they were not able to discover what other data it collected.
The fake version of WhatsApp is actually spyware designed for users of the application on iPhone, but Motherboard indicates that they have not been able to identify who it was aimed at. Although they have linked it with Cy4Gate, an Italian cybersecurity firm that usually works with state agencies.