Skip to content Skip to Search
Skip navigation

Arabic speakers targeted by malicious WhatsApp hackers

A young arab woman with a mobile phone: hackers are targeting WhatsApp users Pexels/Keira Burton
Arabic-speaking WhatsApp users are falling victim to unknown hackers spreading malware via the WhatsApp messaging software
  • 340,000 attacks in October
  • Saudi Arabia, Yemen and Egypt hit
  • US, UK and Russia also affected

Arabic-speaking WhatsApp users are being targeted by unidentified hackers who are distributing spying malware through a modified version of the messaging service.

The Russian cybersecurity firm Kaspersky reported that the hackers had launched more than 340,000 attacks in October alone. Saudi Arabia, Azerbaijan, Yemen, Egypt and Turkey experienced the highest attack rates. 

The malware has also affected users in the US, UK, Germany and Russia.

The modified version of WhatsApp offers many enhancements over the standard version, including scheduled messages and customisable options.  

Kaspersky said in its blog: “The modified WhatsApp client’s manifest file includes suspicious components – a service and a broadcast receiver – not present in the original version.

“The receiver initiates a service, launching the spy module when the phone is powered on or charging.”

Malicious mode

Once activated, the malicious implant sends a message with information about the device it has been downloaded onto to the attackers’ server. 

This data includes the IMEI, a numeric identifier that networks use to recognise valid devices, the phone number, and the country and network codes.  

The malware also transmits the victim’s contacts and accounts details every five minutes, and it can set up microphone recordings and exfiltrate files from external storage.

The modified version has made its way to users through popular channels on Telegram Messenger, primarily for Arabic and Azeri-speaking users, some of which had nearly two million subscribers.

Kaspersky said that the threat emerged in mid-August 2023. Dmitry Kalinin, a security expert at Kaspersky, said: “The spread of malicious mods through popular third-party platforms highlights the importance of using official instant messaging apps.

“For robust personal data protection, always download apps from official app stores or official websites.”

Latest articles

Opec Secretary General Haitham Al Ghais says peak oil 'is not on the horizon'

Upstream oil and gas ‘needs more annual investment’

Annual capital expenditure for exploration and production in the upstream sector of the oil industry needs to increase by 22 percent by 2030 because of growing demand and cost inflation, experts say. A cumulative $4.3 trillion needs to be invested between 2025 and 2030, according to a report by the International Energy Forum (IEF) and […]

Rothschild Saudi

Edmond de Rothschild to run funding vehicle for Saudi projects

The Edmond de Rothschild Group is establishing a funding vehicle for infrastructure projects in Saudi Arabia along with the local firm SNB Capital, as part of a deal in which the Swiss investment bank will set up offices in the country.  Saudi Arabia’s massive economic diversification programme has run into financial obstacles as it faces […]

Turkey foreign property sales

Foreigners turning back on Turkish real estate

Foreign buyers are increasingly shunning the Turkish property market, wary of high prices, the expensive cost of living and a less welcoming environment for overseas real estate investors. There were only 2,064 residential units sold to foreign buyers in May, 35 percent down on the same month last year, data issued by the state statistics […]

2KEY8G1 Emirates Airline Airbus A380 aircraft landing. Aerial view of Emirates Airlines A380-800 airplane. An Emirates plane coming in to land at LAX; a spokesperson for Emirates said the contraventions were for safety reasons

US fines Emirates for operating in prohibited airspace

Emirates has been fined $1.5 million by the US Transportation Department for operating flights carrying JetBlue Airways’ JBLU.O designator code in prohibited airspace. The transportation department said that between December 2021 and August 2022, Emirates operated a significant number of flights carrying the JetBlue Airways code between the United Arab Emirates and the United States […]