Updated comments from WhatsApp
According to a prominent security researcher, WhatsApp is being used to spread malicious Android apps
Following a tip from Twitter user @ReBensk, ESET's Lukas Stefanko details the WhatsApp worm in a YouTube video (embedded below) Stefanko demonstrates that when an infected phone receives a WhatsApp message notification, it immediately sends a link to a fake Google Play page, prompting the user to download the malicious app
In Stefanko's example, the malicious app is a fake Huawei app, which appears to be designed to display ads on infected devices and make money for app vendors One Twitter user reported witnessing a similar scam using a fake Netflix app
In the grand scheme of dangerous Android malware, this type of adware is fairly lightweight, but still not something you want on your phone [This malware can deliver a more dangerous threat because the message text and links to malicious apps are received from the attacker's server It could simply be distributing banking Trojans, ransomware, or spyware"
To avoid infection, make sure your Android phone can only install software from the official Google Play store
This varies from model to model, but in general, go to Settings > Apps > Special Access > Install Unknown Apps to prevent any app on the phone from installing apps on its own
For older phones before Android 7 Nougat, make sure Settings>Security>Unknown Sources is turned off
We also recommend using the best Android antivirus apps that will catch this malicious app before it is installed
WhatsApp contacted Tom's Guide and released the following statement:
"This is a malicious app that tricks people into downloading it with permissions granted by the Android operating system and sends phishing messages Phishing messages are sent We are reporting this to the domain providers used by the phishing service and asking them to take action and protect against such exploits We urge people not to install apps from untrusted sources or tap on unusual or suspicious links We also urge people to report such messages as soon as possible so that action can be taken"
Comments