Share this page!

Will Cathcart Profile picture
Twitter logo
Jul 11 7 tweets 2 min read
Reminder to @WhatsApp users that downloading a fake or modified version of WhatsApp is never a good idea. These apps sound harmless but they may work around WhatsApp privacy and security guarantees. A thread:
Recently our security team discovered hidden malware within apps – offered outside of Google Play - from a developer called “HeyMods” that included "Hey WhatsApp" and others.
These apps promised new features but were just a scam to steal personal information stored on people’s phones. We’ve shared what we found with Google and worked with them to combat the malicious apps.
Google Play Protect on Android can now detect and disable previously downloaded malicious fake versions of WhatsApp. We appreciate the help of Google for their continued work to prevent malicious apps from proliferating on Android devices.
We’ll of course continue our efforts to detect and block these kinds of apps going forward. We're also taking enforcement action against HeyMods to stop future harm, and will further explore legal options to hold HeyMods and others like them accountable.
Mobile phone malware is a pernicious threat that must be countered and the security community continues to develop new ways to prevent it from spreading.
If you see friends or family using a different form of WhatsApp please encourage them to only use WhatsApp from a trusted app store or our official website directly at WhatsApp.com/dl.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Will Cathcart

Will Cathcart Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @wcathcart

Will Cathcart Profile picture
Apr 14
Today we’re very excited to share our vision for a feature we’re calling WhatsApp Communities. This is new functionality we’re building to support the many organizations that use WhatsApp to communicate in a private and secure way.
We’ve heard from many workplaces, non-profits, and local organizations that have been using WhatsApp for their private communication, and there’s a lot we can improve to make WhatsApp work better for groups like these. Image
Communities will make it possible for admins to organize groups under one umbrella, send announcements, and decide which groups can be part of their community to help make group conversations work for their organization.
Read 11 tweets
Will Cathcart Profile picture
Oct 16, 2021
This paper is definitely worth reading. It's from some of the leading minds on computer security and it goes into great detail on why client side scanning (CSS) -- which @WhatsApp opposes -- would be very dangerous for us all.

arxiv.org/abs/2110.07450
They explain in clear terms the many problems with client side scanning proposals, concluding the security risks they would create for everyone would make "us all less safe and less secure."
"CSS has been promoted as a magical technological fix for the conflict between the privacy of people’s data and communications and the desire by intelligence and law enforcement agencies for more comprehensive investigative tools...
Read 11 tweets
Will Cathcart Profile picture
Aug 6, 2021
I read the information Apple put out yesterday and I'm concerned. I think this is the wrong approach and a setback for people's privacy all over the world.

People have asked if we'll adopt this system for WhatsApp. The answer is no.
Child sexual abuse material and the abusers who traffic in it are repugnant, and everyone wants to see those abusers caught.
We've worked hard to ban and report people who traffic in it based on appropriate measures, like making it easy for people to report when it's shared. We reported more than 400,000 cases to NCMEC last year from @WhatsApp, all without breaking encryption. faq.whatsapp.com/general/how-wh…
Read 13 tweets
Will Cathcart Profile picture
Jul 18, 2021
This groundbreaking reporting from @Guardian, @WashingtonPost, and many others demonstrates what we and others have been saying for years: NSO’s dangerous spyware is used to commit horrible human rights abuses all around the world and it must be stopped.
theguardian.com/world/2021/jul…
Human rights defenders, tech companies and governments must work together to increase security and hold the abusers of spyware accountable. Microsoft was bold in their actions last week blogs.microsoft.com/on-the-issues/…
In 2019, @WhatsApp discovered and defeated an attack from NSO.  They rely on unknown vulnerabilities in mobile OSes, which is one of the reasons why we felt it was so important to raise awareness of what we'd found. washingtonpost.com/opinions/2019/…
Read 8 tweets
Will Cathcart Profile picture
Jan 8, 2021
I've been watching a bunch of discussion this week about the privacy policy update we’re in the process of making @WhatsApp and wanted to share some thoughts.

Thread 👇
I want to share how committed everyone @WhatsApp is to providing private communication for two billion people around the world. At our core, that’s the ability to message or call loved ones freely protected by end-to-end encryption and that’s not changing.
With end-to-end encryption, we cannot see your private chats or calls and neither can Facebook. We’re committed to this technology and committed to defending it globally. You can read more here: whatsapp.com/security/
Read 10 tweets
Will Cathcart Profile picture
Mar 11, 2020
This morning the U.S. Senate Judiciary Committee held a hearing on the "EARN IT" Act. While not directly mandating a backdoor, as written, this act would form a commission that could have the power to require services like @WhatsApp to stop offering end-to-end encryption. 1/
Absent clear protections for encryption, EARN IT has the potential to make people less safe, not more, by reducing the security of the over 2 billion people who use WhatsApp to communicate, not to mention all the other encrypted services as well. 2/
It was great to see several Senators stand up for end-to-end encryption - this sends a powerful message to the world that end-to-end encryption helps protect people and we hope to see that affirmed in the text of the bill itself 3/
Read 17 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(