The number of users of the free mobile messaging app WhatsApp has passed 400 million, the company announced Thursday. But what frequent WhatsApp chatters might not know is that there is an app out there designed specifically to steal users’ private chat conversations, and that it can be a serious security threat to mobile phones.
According to WhatsApp CEO Jan Koum, the messaging program has added active new users to the tune of 100 million in the last four months, bringing the current total of users to over 400 million. Considering the number of messenger apps competing for the top spot in the mobile market, where small tech startups can easily compete with larger conglomerates like Facebook, this is an impressive feat. This is especially true for a company with only 50 employees, the majority of whom are engineers, and which claims to spend very little money on marketing.
However, with growing name recognition and user numbers in the millions, more nefarious elements often tend to pop up, and the same is true for WhatsApp. F-Secure recently looked at a rather ghastly app that, once installed, can upload text conversations and photos to a website where unrelated individuals can buy them. That app, which is called BalloonPop2, steals those private conversations and is a serious security threat to WhatsApp users.
BalloonPop2 was originally offered in Google Play, but was taken down recently for obvious security concerns. It is marketed as a balloon game, and downloaders can actually play the game, but the app’s real energy goes toward hacking the phone. It gains access to a phone’s WhatsApp account and the serial number of the SIM card, then copies the folder containing profile pictures. Conversations are then uploaded to the developer’s WhatsAppCopy website, where anyone who enters the cell phone number of an individual with this app installed can download that person’s conversations for a small charge. It’s unknown at this time if those files are still encrypted or if the software also decrypts them for easy-access reading.
The intent behind this app seems unclear. It quite obviously steals data from likely unsuspecting users. But on their website, the developers claim that the app should be used as a backup service, meaning that individuals would purposefully put the app on their own phone, expecting all the data to be transmitted to the WhatsAppCopy website. They would then pay to gain access to their own information should it somehow be lost on their phone or in the WhatsApp system. However, it seems far more obvious that this is a blatant attack on conversations and phone records recorded by WhatsApp. Jealous significant others might want to read the texts, as might even shadier individuals looking for key information that might have been mentioned regarding bank accounts or personal data that could lead to identity theft.
Since its removal from Google Play, it’s unlikely that people will be accidentally downloading this app, but individuals who have access to another’s phone will still be able to download it from the developer’s website and buy the information. WhatsApp users should also be on the lookout for people who send links to apps to install, as it could be an attempt at data mining.
While this particular app has been identified and users warned about its presence and activities on their mobile phones, the danger is still out there. Now that WhatsApp has become a bigger-name messenger service, other similar apps may become a threat to security as well, and in the future they may steal more than just private conversations. Users troubled about security may want to look at alternate messengers such as Wickr or TextSecure.
By Marisa Corley