Meta sued for data theft through fake apps

Facebook-owned company Meta has sued several tech companies for creating malicious application programs that steal the identity of WhatsApp users and obtain 'account keys' on computers. The accused companies are 'Rocky Tech HK Limited', China's 'Beijing Luokai Technology Company Limited' and Taiwan's 'Chitchat Technology Limited'. The strict measures were taken after nearly 10 lakh users lost their WhatsApp accounts since last May. According to a report by technology site 'BlipingComputer', a case has been filed in the 'US District Court for the Northern District of California' against several companies that make 'unofficial WhatsApp clients' that steal sensitive data from the Android operating system. According to the sources, 'AppUpdater for WhatsApp Plus 2021 GB Yo FM Hemods' and 'Theme Store for Zap' have also been identified as malicious apps. According to the complaint, some of these apps have been found in the Google Store. And the rest are found on various third party APK sites like 'APKSFree', 'Malavida', 'Idescargar' and 'APK Pure'. These apps also provide 'bundled' malware to steal user account information after installation. Meta alleges that these companies, collectively marketing the app under various names like 'Hemods', 'Highlight Mobi' and 'HeyWhatsApp', lure users by claiming to bring various advanced features to the platform. After that, the hackers steal the data and send spam messages to various contacts by taking over that account. The accused have programmed these malicious applications to steal the identity of WhatsApp users and obtain 'account keys' on computers. All these app builder activities are in direct violation of the Meta’s Builder Agreement and WhatsApp Terms of Use. WhatsApp chief Will Cathcart has posted a detailed warning about the app's problem with fake WhatsApp. Besides, he mentioned 'HeyWhatsApp' and other malicious app makers 'Hemods' as examples. Cathcart also said that the company was able to remove the apps from the list because it sent various information they received to Google. Meanwhile, the app 'AppUpdater for WhatsApp Plus 2021 GB Yo FM Hameds' has been downloaded more than 1 million times from the Play Store. However, tech site Android Police has reported that it has been delisted. According to a report by Android Police, these malicious apps making it to the Play Store by 'leaking the loop' are nothing new. However, most of the apps are then automatically detected and removed by Google. As reported by BleepingComputer, Meta warned users about some such apps in July. The July revelations led to an update to Google's 'Play Protect' service, which allows the operating system to detect various malware-laden apps already installed on devices.