A new android worm has been detected to be spreading and targeting WhatsApp users all over the Indian subcontinent. This app has been added with advanced capabilities where it can respond to messages automatically that are received on multiple such instant messaging app.
What Happened?
This malware propagates itself as a link to get pink-themed WhatsApp and contains links to malicious websites. This spreads via WhatsApp groups and the security researchers have warned against any such messages.
- The malware is spreading through WhatsApp messages that read “Apply New Pink Must-Try New WhatsApp. http://XXXXXXXX/?whatsapp. “
- The link lead to a webpage where apparently they can download WhatsApp pink APK. There is a download button and as the user clicks on the button, malicious files with the name WhatsAppPink.apk get downloaded.
Recent attacks on WhatsApp-
There have been several attacks where the malicious application poses as a legitimate WhatsApp application or the threat actors spread the malware through malicious links.
- Arid Vipers, a threat group was found to be using as many as 41 phishing sites to spread the android spyware which had snooping features. Those spywares posed to be fake versions of messaging apps like WhatsApp and Threema.
- FlixOnline malware was found to be hidden in apps of Google Play store. This was discovered in a research by Check Point. This malware can propagate itself through user’s WhatsApp message.
Conclusion-
Researchers suspect that this malware was only a test and more such apps may come up in the near future. This malicious can be users who have downloaded it from the Settings and App manager menu. The android users can also scan their device for malwares using anti malware applications.
