Detect Date 06/08/2017
Class HackTool
Platform AndroidOS

This application is used to intercept WhatsApp traffic and subsequently read WhatsApp messages.
The attack is successful when a specially prepared device and the victim are connected to the same Wi-Fi network. Root access is required for the application to work. Core functionality is implemented in the arpspoof and tcpdump ELF modules. Network requests are forwarded to these modules by the iptable class=”most_attacked_countries”, which acts as a go-between between the victim and server.

Top 10 countries with most attacked users (% of total attacks)

Country % of users attacked worldwide*
1 India 16.89
2 Brazil 10.78
3 Mexico 7.76
4 Italy 7.18
5 Germany 6.57
6 Spain 4.30
7 Colombia 2.73
8 Russian Federation 2.59
9 Egypt 2.42
10 USA 2.25

* Percentage among all unique Kaspersky users worldwide attacked by this malware

Find out the statistics of the threats spreading in your region