Lukas Stefanko, a security researcher from ESET, has detailed an Android WhatsApp Worm thatโs infecting WhatsApp users and their contacts. While this spreadingโs clear objective isnโt known, itโs could mostly be adware or a subscription scam malware thatโs disguised under the Huawei Mobile apps and asks for extensive device permissions.
Android Worm Infecting WhatsApp
Since WhatsApp is the largest instant messenger today, itโs no wonder that most of the threat actors are preying on it. A new WhatsApp worm was discovered by a security researcher named Lukas Stefanko, who demonstrated it, showing the infection and its code pulled from reverse engineering.
The campaign starts with a message being received from a known contact or an unknown number. The message reads as โDownload this application and Win a Lovely Phoneโ with a URL to the said application. Tapping on it will take you to a fake Playstore page showing you a Huawei Mobile app for installing.
Downloading and installing the app will begin asking for deep permissions and settles, saying your application for the subscription was submitted and awaits a reply. This hints the worm to be something of a subscription scam or general adware that may bomb your phone with ads everywhere.
While this isnโt known, the researcher called it a worm since it spreads to others through the victimโs WhatsApp contacts. He demonstrated this by sending a message to the infected contact, which garnered an automatic reply with the same worm app link. It should be noted that it sends the message only once an hour.
If infected, victims can uninstall the app to stop this campaign and are suspicious about clicking on such links and installing applications from unknown sources. Installing apps from Google Playstore and being sure about clicking the links only after prior information from a trusted contact should be done.
