Worst of all, users then log into expensive subscription services without their permission. In fact, the entire process takes place in an invisible window where the “Subscribe” button is automatically tapped.
Perhaps the most serious part of the attack is that complete strangers can read and intercept personal chats sent through the popular service.
Commenting on the discovery, Kaspersky Security Specialist Igor Golovin said, “This app makes it difficult for users to see the potential threat because the mod application actually does what is suggested – it adds extra functionality. However, we have observed how cyber criminals have started distributing malicious files via the ad blocks in such apps.
“We therefore recommend that you only use messenger software that has been downloaded from official app stores. They may be missing some extra features, but they don’t install a ton of malware on your smartphone. “