WhatsApp users are being targeted by a new piece of malware software that tricks users into downloading a fake app, and then infects their contact list by mass forwarding a link to the app, without the user knowing anything about it, reported India Today.
According to Lukas Stefanko, a mobile security researcher, this malicious software in the form of a ‘worm virus’ is masquerading as an innocuous Huawei mobile app.
While WhatsApp has delayed the latest privacy policy update until May 2021, it has issued a new advisory to ensure that more users don’t leave the app. Here’s everything you need to know about the Android worm:
How does an Android ‘worm’ enter your device?
Stefanko, in a Youtube Video explained that the Android worm enters your phone through a WhatsApp text message and uploads ‘Adwares’ (a virus that displays unwanted advertisements).
According to a report by Digital Information World, users usually receive a message from their contact number or an unknown number, asking them to click on a download link to win a free Huawei smartphone. As soon as they tap on the link, a phoney app gets downloaded in the phone.
To make the users believe that the message is not false, a fake Google Play Page will also be shown. However, when you click on the ‘install’ button the Android worm enters your phone.
What happens after you install the infected app?
The app requests access to notifications. It then uses WhatsApp’s ‘quick reply’ feature to instantly redirect the original link to anyone who sends a message on that number.
According to Stefanko, the worm virus also requests background running capabilities. If the request is granted, the worm can plant itself on sensitive information, such as credentials and documents.
How to keep your WhatsApp safe from a worm attack?
Android worms uses its ability to auto-reply to WhatsApp messages once an hour per contact. Once it is in the phone, it is hard to remove it from the device that has already been breached. Here are some ways you can ensure your phone stays safe from the worm:
- Only download apps that are on the legitimate Play Store app.
- Do not trust sites that are accessed via a link, go directly through the Play Store and install any application, as these are official and vetted.
- If you click on the link, immediately uninstall WhatsApp and you might also need to 'reset your phone' completely.
‘Malicious App Forces Users to Download Phishing Messages’
“This is a malicious app that tricks people into downloading it and it sends phishing messages through permissions granted by the Android operating system. We are reporting this to the domain provider, that the phishing service is being used, to take action and to be protected against this abuse,” a WhatsApp spokesperson was quoted by MailOnline.
"We strongly encourage people to not install apps from untrusted sources and to never tap on unusual or suspicious links. We also encourage people to report messages like this as soon as possible, so that we can take action," the WhatsApp spokesperson further added.
(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)