What is it? A site claiming to offer up a tool designed to grab WhatsApp user messages.
What does it do? Installs PUPs (Potentially Unwanted Programs) instead. Your messages are safe from would-be thieves.
Do we detect it? Yes, we detect the updater as PUP.Optional.OutBrowse
As we saw yesterday, WhatsApp is currently a hot target for scammers wanting to infect PCs – but it isn’t just email spam you have to be wary of.
Here’s a site offering up what it claims is a program designed to “grab all the messages of your friends now!” located at
With the aid of this program, they claim you’ll be able to gain access to an archive of all messages – whether deleted or not – and find out if “your spouse is cheating on you”.
The download is hosted on Dropbox, instead of the usual “Click a button and fill in a survey” so often seen in this kind of setup, and consists of an 872.32kb .rar archive containing two files.
What they want you to do is run the WhatsApp file, which is the supposed “exploit” program. Here’s what the end-user will see on their desktop:
Hitting the “Grab Messages” button will pop the following message:
WhatApp patched this version. Click OK to start update
As you’ve probably guessed, hitting OK runs the update.exe file. If not connected to the Internet, the file will crash at that point. Otherwise, we’ll see installer prompts for Mobogenie and a browser extension called DefaultTab.
After the supposed update has taken place, the would-be message swiper is still left with an “exploit program” claiming it needs to be updated when hitting the Grab Messages button. At this point, if they’re still desperate to see someone’s messages they should probably just ask them instead.
The VirusTotal score for the updater is 17 / 50, and users of Malwarebytes Anti-Malware will find we detect it as PUP.Optional.OutBrowse.
WhatsApp is big news, and fans of said app are big targets for people wanting to make a bit of fast cash at their expense.
Resist the temptation to download programs promising hacks, cheats or the ability to obtain data you shouldn’t have access to – more often than not, there’s a sting in the tail and it may require more than a band-aid and a splash of cream to set right.