Whatsapp used to distribute new malware
Whatsapp used to distribute new malware: Whatsapp and its users now seem to be in deep trouble as a newly discovered Android malware has been found to propagate itself through WhatsApp messages to other contacts in order to expand what appears to be an adware campaign.
"This malware spreads via victim's WhatsApp by automatically replying to any received WhatsApp message notification with a link to [a] malicious Huawei Mobile app," ESET researcher Lukas Stefanko said.
The link upon clicking the fake Huawei Mobile app, redirects users to a lookalike Google Play Store website.
Once installed, the wormable app prompts victims to grant it notification access, which is then abused to carry out the wormable attack. Specifically, it leverages WhatApp's quick reply feature - which is used to respond to incoming messages directly from the notifications - to send out a reply to a received message automatically.
Besides requesting permissions to read notifications, the app also requests intrusive access to run in the background as well as to draw over other apps, meaning the app can overlay any other application running on the device with its own window that can be used to steal credentials and additional sensitive information.
According to Stefanko, the functionality is to trick users into falling for an adware or subscription scam. Furthermore, in its current version, the malware code is capable of sending automatic replies only to WhatsApp contacts - a feature that could be potentially extended in a future update to other messaging apps that support Android's quick reply functionality....Read More
Comments
Post a Comment