There is a new threat for Android smartphones to be propagated through WhatsApp. It is malware, or malicious software, spread through an advertising message in strong circulation on the instant messaging platform.
The alert was given by a publication dedicated to cybersecurity, warning users of the new danger to the security of their mobile devices. Worst of all? Millions of users forward the infected message without realizing it.
The new malware for Android spreads via WhatsApp
Above we see the description of the threat for Android, it is a malware that automatically responds to messages received on WhatsApp from the notifications received. The infected smartphone automatically sends responses to other users.
Through this means, the malware spreads quickly through the Facebook group’s messaging platform. It is a real danger, as pointed out by ESET investigator and cybersecurity expert Lukas Stefanko who launched the alert in the first place.
The malware forwards the unwary user, who receives an automatic response to the message sent by them, directing them to an infected Huawei application. If the user installs it, his Android smartphone, or tablet, is thus infected.
Android malware WhatsApp Worm in action
A device infected with this malware for Android will respond, via the Quick Reply function, to any message received by WhatsApp. The reply sent contains a link (link) to something similar to a Google Play Store. In reality, it is a page created by hackers to resemble the Play Store and convince the user to install the app.
If potential victims install the so-called Huawei application – note that it is an app that pretends to be a Huawei application – mobile devices are now exposed. The infection is consumed when the user actually opens the fake Huawei app.
At this point, the fake Huawei app will ask for various smartphone access permissions. From reading the notifications, in addition to the possibility of running in the background, and on top of other apps (overlay), among other intrusive requests.
This malware can also be used to steal credentials to access a wide range of services, including bank details and other personal and sensitive information. These are the “secondary objectives” of the malware in question.
The latest case of malware and adware attack
The main purpose of this Android malware is to infest the mobile device with advertising. This is what an adware attack, the uninterrupted presentation, or highly intrusive advertising to the user of the infected device.
The financial profits from the advertising presented revert to hackers. This is its primary objective, which, despite not physically damaging the infected Android smartphone, significantly impairs its normal use.
At any time advertising is injected into the smartphone, regardless of what the user is doing. It is similar to a storm of pop-ups which end up impeding the normal operation of the device and drain your battery.
Malware spreads via WhatsApp’s quick responses
The greatest danger of this threat lies in its extreme propagation capacity. An infected device is capable of spreading the harmful message to all that user’s contacts on WhatsApp through Android’s quick response function.
O quick reply is the propagation vector and WhatsApp, the chosen medium. Something that surprised the ESET researcher. “I don’t remember reading and analyzing any malware for Android with the ability to spread via WhatsApp messages.”
The cybersecurity expert says that this threat is capable of spreading incredibly quickly and not only through WhatsApp. “I would say it can be spread via SMS, email, social networks, channels and WhatsApp groups“, says Stefanko.
The threat takes advantage of the user’s confidence in the person who inadvertently sends the message. Especially among family and friends, there is a high probability that the possible victim will at least open the link to the fake Play Store.
The new malware for Android is under investigation and currently active. If in doubt, do not open links to applications that you do not know. Additionally, do not install Android applications outside of the Google Play Store.
4gnews editors recommend:
*The article has been translated based on the content of https://4gnews.pt/alerta-whatsapp-malware-android/ by 4gnews.pt
. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!
*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.
*We always respect the copyright of the content of the author and always include the original link of the source article. If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!