WhatsApp with FinSpy?
I think you heard about the infamous FinSpy by FinFisher. If you haven't it's basically something like a cloud one-way backup app paid by (someone's) taxes (and there's a movie really shitty render !). Anyhow, the mobile version seems old news, as it was unveiled some time ago and even one AV vendor called it nothing new in terms of features. Well, I guess it depends on how you define a feature. But enough of this rant, let's go and see what a commercially made malware looks like. I've analyzed the newest sample that I could find and it's a couple of months old (md5: d6a3ca6e48512890d013e922307e1593 ). It has some usual features, like SMS reading and so on, but today let's have a look at one particular feature: WhatsApp eavesdropping. WhatsApp is a very popular messaging app . Probably it was chosen by FinFisher due to its popularity or maybe just because one of the clients requested "support" for it. But before we begin let me state...