Fake WhatsApp Version for iPhone Apparently Made by an Italian Spyware Vendor to Target Individuals The fake WhatsApp version for iPhone could be used by hackers to gain details of individuals through a specially crafted configuration file.

Fake WhatsApp Version for iPhone Apparently Made by an Italian Spyware Vendor to Target Individuals The fake WhatsApp version for iPhone could be used by hackers to gain details of individuals through a specially crafted configuration file.

Fake WhatsApp Version for iPhone Apparently Made by an Italian Spyware Vendor to Target Individuals The fake WhatsApp version for iPhone could be used by hackers to gain details of individuals through a specially crafted configuration file.

Fake WhatsApp Version for iPhone Apparently Made by an Italian Spyware Vendor to Target Individuals
The fake WhatsApp version for iPhone could be used by hackers to gain details of individuals through a specially crafted configuration file.

WhatsApp for iPhone fake version could target specific individuals
It could be used to get user details of targeted people
WhatsApp is already suing NSO Group for abusing its infrastructure
Fake WhatsApp Version for iPhone Apparently Made by an Italian Spyware Vendor to Target Individuals
WhatsApp has assured action against the fake version that has apparently been made by Cy4Gate

A fake version of WhatsApp for iPhone appears to have been made by Italian surveillance company Cy4Gate to target specific individuals, according to a report. It could have allowed hackers to gather information about targeted users by tricking them to install certain configuration files on their iPhone. The information that the hackers could obtain include — but not limited to — the Unique Device Identifier (UDID) as well as the International Mobile Equipment Identity (IMEI). In 2019, WhatsApp was exploited by a spyware developed by Israel's NSO Group that enabled entities to target journalists and human right activists in global regions including India.

Cybersecurity research lab at the University of Toronto, Citizen Lab, worked with Motherboard to find the fake version of WhatsApp for iPhone that has apparently been developed by Cy4Gate. The references of the counterfeit WhatsApp version emerged after security company ZecOps tweeted about the detection of attacks against users on the instant messaging app.

A site was found with domain config5-dati[.]com that was tricking visitors to install the fake app that was actually a special configuration file for the iPhone, Motherboard reported. It appeared to have been designed to gather information about the victims and send it back to the hackers.


Supreme Court Seeks WhatsApp Reply on Petition for Non-Sharing of UPI Data
Upon seeing the URL of the tricking site, Motherboard found multiple clusters of domains associated with the publicly shared link. Some variations of the original URL were also discovered. One of them was config1-dati[.]com that appeared to be a phishing page tricking individuals to install the fake version of WhatsApp. It looked legitimate, with WhatsApp branding and professional graphics, and provided instructions to the users on how to install a configuration file on the iPhone to get the fake version installed.

Citizen Lab researcher Bill Marczak noted that the configuration file provided by the phishing page was allowing the attacker to send device details including the UDID and IMEI to a server. The researchers, however, didn't find what other data the file could have provided from the user device.