WhatsApp users are being targeted by a new piece of malware software that tricks users into downloading a fake app, and then infects their contact list by mass forwarding a link to the app, without the user knowing anything about it.
According to Lukas Stefanko, a mobile security researcher, this malicious software in the form of a ‘worm virus’ is masquerading as an innocuous Huawei mobile app.
While WhatsApp finally called off the policy change and delayed it until May 2021, it has now issued a new advisory to ensure more users don’t leave the app.
Stefanko, in a YouTube video, explained that the Android worm enters your phone through a WhatsApp text message and uploads ‘Adwares’ (a virus that displays unwanted advertisements).
According to a report by Digital Information World, users usually receive a message from their contact number or an unknown number, asking them to click on a download link to win a free Huawei smartphone. As soon as they tap on the link, a phone pay app gets downloaded in the phone.
A fake Google Play Page will also be shown to make users think the message is not false. When you press the ‘set up’ button, the Android worm gets into your computer.
The app requests notification access. It then uses the ‘fast reply’ feature of WhatsApp to redirect the original connection to anyone who sends a message on that number instantly.
According to Stefanko, the worm virus also requests background running capabilities. If the request is granted, the worm can plant itself on sensitive information, such as credentials and documents.
Android worms use its ability to auto-reply to WhatsApp messages once an hour per contact. Once it is on the phone, it is hard to remove it from the device that has already been breached.
“This is a malicious app that tricks people into downloading it and it sends phishing messages through permissions granted by the Android operating system. We are reporting this to the domain provider, that the phishing service is being used, to take action and to be protected against this abuse,” a WhatsApp spokesperson was quoted by MailOnline.
“We strongly encourage people to not install apps from untrusted sources and to never tap on unusual or suspicious links. We also encourage people to report messages like this as soon as possible, so that we can take action,” the WhatsApp spokesperson further said