A new WhatsApp worm malware is infecting contact list of users without their knowledge. Read on to know more about it…
WhatsApp is often used by cybercriminals to send infected messages to users and get access to their sensitive information or disable their account completely. As per the latest findings of a security researcher, WhatsApp users are receiving texts that are infecting their contact lists. The malware is known as “Android Worm” enters users’ phone as a message and then infects their contact list without them knowing anything about it.
Android Worm Malware
Security researcher Lukas Stefanko had discovered the Android Worm is infecting users’ contact lists without their knowledge. Stefanko shared a video explaining how the malware infects a device and wrote, “Android WhatsApp Worm? Malware spreads via victim’s WhatsApp by automatically replying to any received WhatsApp message notification with a link to malicious Huawei Mobile app. The message is sent only once per hour to the same contact. It looks to be adware or subscription scam.”
Lukas Stefanko of ESET, following up on a tip from Twitter user @ReBensk, detailed the WhatsApp worm in a YouTube video (embedded below). If an infected phone receives a WhatsApp message notification, the phone immediately sends back a link to a fake Google Play page inviting users to download the malicious app, Stefanko demonstrated.
In Stefanko’s example, the malicious app is a fake Huawei app that seems designed to display ads on infected devices and earn money for the app distributors. But it could take other forms — one Twitter user reported seeing a similar scam involving a fake Netflix app.
Working Mechanism
Stefanko explained that the malware that enters a phone through a message and then uploads adware onto your phone. It spreads by sending WhatsApp messages to a user’s contact list without his knowledge. A report by The Sun revealed, that users would first get a message from a contact or an unknown number. The message would ask users to download a link to win a free smartphone. When you tap on the link, you will be given the impression that a Huawei Mobile application is being downloaded to your phone. To make the users believe that the message is not false, a fake Google Play Page will also be shown. However, once you click on the install button you will end up with the Android Worm in your phone.
Once the worm enters your phone, the malicious link will be further sent to some of your contacts once an hour. And if you do not check your phone after every frequent interval, you would not even get to know that a link has been sent to a contact.
“This malware could possibly distribute more dangerous threats since the message text and link to the malicious app are received from the attacker’s server. It could simply distribute banking Trojans, ransomware, or spyware,” the ESET blog read.
Mitigation
To avoid infection, make sure your Android phone can install software only from the official Google Play store. You also want to be running one of the best Android antivirus apps, which will catch this malicious app before it installs.
The only way to avoid such messages from infecting your device is by simply ignoring any links that you receive on WhatsApp. Even if you receive any such suspicious message from a known contact, please text him or her from a separate platform to confirm whether the message was sent by him or not. In case you want to download any app, only do it from the Google Play Store.
In response to Tom’s Guide, WhatsApp quoted “This is a malevolent application that fools individuals into downloading it and sending phishing messages through authorizations conceded by the Android working framework. We are revealing this to the area supplier that the phishing administration is utilizing to make a move and to ensure against this maltreatment. We emphatically urge individuals never to introduce applications from untrusted sources and to never tap bizarre or dubious connections. We additionally urge individuals to report messages like this as quickly as time permits with the goal that we can make a move.”