• Total Posts: 42341
  • Total Topics: 15617
  • Online Today: 1480
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)

Author Topic: WhatsApp chat logs stolen (and sold!!) by Android game Ballloon Pop 2  (Read 3482 times)

0 Members and 1 Guest are viewing this topic.


  • SCF VIP Member
  • *****
  • Posts: 3614
  • KARMA: 157
  • Gender: Female

Android game steals WhatsApp chats and offers them for sale

Graham Cluley | December 6, 2013 6:34 pm | Filed under: Android, Data loss, Google, Malware, Privacy |  0
If you're new here, you may want to subscribe to the RSS feed, like us on Facebook, or sign-up for the free email newsletter which contains computer security advice, news, hints and tips. Thanks for visiting!

An Android game has been removed from the official Google Play store after it was found to be secretly stealing users’ WhatsApp conversation databases, and offering them for sale on an internet website.

Balloon Pop 2

The game, Balloon Pop 2, is nothing to write home about – but behind its simple exterior lies the ability to scoop up private conversations that you may have made via WhatsApp on your Android device, and upload them to a website called WhatsAppCopy.

Code from Balloon Pop 2

The attacker can then visit the WhatsAppCopy website, enter the phone number of the Android device they are targeting, and (for a fee) access the private conversations.

WhatsAppCopy website

Install the game, find your phone, read your conversations
FREE Try it, it works!

The WhatsAppCopy website openly advertises the BalloonPop2 game as a way of “backing up” a device’s WhatsApp conversations.

Of course, the people behind the website and the BalloonPop2 game would probably argue that they are providing a legitimate service to people who want to create a remote backup of their WhatsApp conversations, and it’s not their fault if the game is misused by people trying to snoop on other people’s privacy.

Balloon Pop 2 and WhatsAppHowever, if that were really the site’s intentions, wouldn’t it be appropriate if a big fat unavoidable warning message was displayed before the game did its dirty deed – giving users the option to realise what was occurring and opt out if they wanted?

Google clearly takes a dim view of the app, as it has now removed it from the official Google Play Android app store.

But, of course, it’s quite possible that the app will be widely distributed via unofficial stores – and future versions could be distributed using other disguises than a balloon-popping game.

Clearly, there are a few lessons to be learnt here.

One is that just because an app is in the official Google Play store, it cannot necessarily be trusted. Google, unfortunately, has a pretty poor record in policing its Android app store. This isn’t the first time that a dodgy app has been found up there, and it won’t be the last. Google, can you please get your act together? Your chairman’s claims that Androids are more secure than iPhones are laughable.

At least Apple has tight reins over the programs which make it into the iOS store for iPhones and iPads.

Second, WhatsApp needs to get better at security. If Android is going to allow apps like BalloonPop2 to scoop up users’ private conversations, then maybe WhatsApp (and similar programs) need to do a better job of encrypting those conversations on the device itself.

Security researchers at McAfee tell me that they are adding detection of the offending BalloonPop2 application as Android/Ballonpoper for their customers, and I imagine other vendors will follow in due course.

 Tags: android, balloon pop, balloonpop2, whatsapp, whatsappcopy

About the author, Graham Cluley
Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives presentations on the topic of computer security and online privacy. Follow him on Twitter at @gcluley, Google Plus,, or drop him an email.

... Karma!


~~~ ~~~

Conare nullius momenti videri fortasse missilibus careant
All spelling mistakes are my own and may only be distributed under the GNU General Public License! – (© 95-1 by Coredump; 2-013 by DevNullius)
More information about bitcoin, altcoin & crypto in general? GO TO

Cuisvis hominis est errare, nullius nisi insipientis in errore persevare... So why not get the real SCForum employees to help YOUR troubled computer!!! SCF Remote PC Assist

Samker's Computer Forum -


  • SCF Administrator
  • *****
  • Posts: 7528
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • - Samker's Computer Forum
D., thanks for news... :thumbsup:

Luckily, I've never used WhatsApp nor Ballloon Pop. ;)


  • SCF VIP Member
  • *****
  • Posts: 776
  • KARMA: 117
  • Gender: Male
  • Pez
I suppose WhatsApp is a free App.
Every thing have a price!

A perfect way to spy on a cheating husband.  ;D

Related article "Android/Balloonpopper Sums Up Mobile Threat Landscape in 2013":,8507.0.html
Their is two easy way to configure a system!
Every thing open and every thing closed.
Every thing else is more or less complex.

Start Turfing !,8405.msg21475.html#msg21475

Samker's Computer Forum -


With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters)

Enter your email address to receive daily email with ' - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising