Skip to content Skip to Search
Skip navigation

Arabic speakers targeted by malicious WhatsApp hackers

By Divsha Bhat
A young arab woman with a mobile phone: hackers are targeting WhatsApp users Pexels/Keira Burton
Arabic-speaking WhatsApp users are falling victim to unknown hackers spreading malware via the WhatsApp messaging software
  • 340,000 attacks in October
  • Saudi Arabia, Yemen and Egypt hit
  • US, UK and Russia also affected

Arabic-speaking WhatsApp users are being targeted by unidentified hackers who are distributing spying malware through a modified version of the messaging service.

The Russian cybersecurity firm Kaspersky reported that the hackers had launched more than 340,000 attacks in October alone. Saudi Arabia, Azerbaijan, Yemen, Egypt and Turkey experienced the highest attack rates. 

The malware has also affected users in the US, UK, Germany and Russia.

The modified version of WhatsApp offers many enhancements over the standard version, including scheduled messages and customisable options.  

Kaspersky said in its blog: “The modified WhatsApp client’s manifest file includes suspicious components – a service and a broadcast receiver – not present in the original version.

“The receiver initiates a service, launching the spy module when the phone is powered on or charging.”

Malicious mode

Once activated, the malicious implant sends a message with information about the device it has been downloaded onto to the attackers’ server. 

This data includes the IMEI, a numeric identifier that networks use to recognise valid devices, the phone number, and the country and network codes.  

The malware also transmits the victim’s contacts and accounts details every five minutes, and it can set up microphone recordings and exfiltrate files from external storage.

The modified version has made its way to users through popular channels on Telegram Messenger, primarily for Arabic and Azeri-speaking users, some of which had nearly two million subscribers.

Kaspersky said that the threat emerged in mid-August 2023. Dmitry Kalinin, a security expert at Kaspersky, said: “The spread of malicious mods through popular third-party platforms highlights the importance of using official instant messaging apps.

“For robust personal data protection, always download apps from official app stores or official websites.”

Latest articles

PIF's Starbucks shareholdings were cut almost by half from 6.3 million shares to 3.8 million

PIF slashes Starbucks stake as it cuts US stocks by $15bn

Saudi Arabia’s Public Investment Fund (PIF) has slashed its US equity holdings by 42 percent to $20.6 billion, including its stake in Starbucks, the global coffee chain that has suffered calls for a boycott as a result of the Gaza conflict. The latest US government data highlights funding challenges facing the Saudi giga-projects.  The filing […]

Tunisia olives

Soaring olive oil exports help Tunisia balance books

Tunisia’s soaring olive oil exports have almost doubled to close to $1 billion in just five months, helping it claw back its current account deficit.   However the increased revenues merely “paint over the cracks” and the country is still probably heading towards a sovereign default, according to an economic expert. Tunisia’s current account deficit narrowed […]

Iraqi prime minister Mohammed Shia Al-Sudani attends licensing rounds for 29 oil and gas exploration blocks at the oil ministry's headquarters in Baghdad

Falling oil prices deepen Iraq’s fiscal imbalances, says IMF

Iraq’s fiscal imbalances have worsened due to significant fiscal expansion and lower oil prices, according to the International Monetary Fund (IMF). “The ongoing fiscal expansion is expected to boost growth in 2024 at the expense of a further deterioration of fiscal and external accounts and Iraq’s vulnerability to oil price fluctuations,” the Washington-based fund said in […]

Saudi aluminium producer Talco is offering 12 million shares

Aluminium producer Talco announces Saudi IPO

Aluminium producer Al Taiseer Group Talco Industrial Company (Talco) is the latest entity to reveal initial public offering (IPO) plans in Saudi Arabia. The Riyadh-based company, which was set up in 2009, is offering 12 million shares, a 30 percent stake, on the Saudi Exchange (Tadawul) at a nominal value of SAR10 ($2.67) per share. […]