Lukas Stefanko, a security researcher from ESET, has detailed an Android WhatsApp Worm thatโ€™s infecting WhatsApp users and their contacts. While this spreadingโ€™s clear objective isnโ€™t known, itโ€™s could mostly be adware or a subscription scam malware thatโ€™s disguised under the Huawei Mobile apps and asks for extensive device permissions.

Android Worm Infecting WhatsApp

Since WhatsApp is the largest instant messenger today, itโ€™s no wonder that most of the threat actors are preying on it. A new WhatsApp worm was discovered by a security researcher named Lukas Stefanko, who demonstrated it, showing the infection and its code pulled from reverse engineering.

The campaign starts with a message being received from a known contact or an unknown number. The message reads as โ€œDownload this application and Win a Lovely Phoneโ€ with a URL to the said application. Tapping on it will take you to a fake Playstore page showing you a Huawei Mobile app for installing.

Downloading and installing the app will begin asking for deep permissions and settles, saying your application for the subscription was submitted and awaits a reply. This hints the worm to be something of a subscription scam or general adware that may bomb your phone with ads everywhere.

While this isnโ€™t known, the researcher called it a worm since it spreads to others through the victimโ€™s WhatsApp contacts. He demonstrated this by sending a message to the infected contact, which garnered an automatic reply with the same worm app link. It should be noted that it sends the message only once an hour.

If infected, victims can uninstall the app to stop this campaign and are suspicious about clicking on such links and installing applications from unknown sources. Installing apps from Google Playstore and being sure about clicking the links only after prior information from a trusted contact should be done.

LEAVE A REPLY

Please enter your comment!
Please enter your name here