Android WhatsApp users on Android should look for new SCAM

Android WhatsApp users on Android should look for new SCAM

by

Android warning: malicious text can install a WORM on your phone – and it also infects all friends who send messages to you on WhatsApp

  • The worm was designed to gain control of other applications also installed on the phone.
  • Shows a fake but convincing screen that appears to be from a legitimate Play Store
  • Asks the user to download a ‘Huawei Mobile’ app, which is also a convincing scam
  • Experts encourage people to download apps only from the Google Play Store and not WhatsApp links

By Joe Pinkstone for Mailonline

Published: | Updated:

Android users are being targeted by malicious software that induces them to download a fake app that also targets friends’ devices via WhatsApp.

The so-called ‘worm’ can only infect a person’s phone if they receive the message themselves and click on the link it contains.

It then prompts the user to enable a variety of roles and permissions. They activate a hidden feature, which means that when the phone receives a message from WhatsApp, it responds instantly with a link to the suspicious website.

The scam is intended to bombard people with ads, which generates revenue for criminals, or induce them to sign up for a subscription service.

However, the technology could also easily be adapted to become more sinister and steal personal information as well as bank details, experts warn.

The worm automatically sends a message to a person who sent a message to the user via WhatsApp. But it is pinged no more than once an hour to avoid the appearance of blatant spam and says 'Download this app and get a cell phone'

The worm automatically sends a message to a person who sent a message to the user via WhatsApp. But ping is not more than once an hour to avoid the appearance of blatant spam and says ‘Download this app and get a cell phone’

The automatically sent message is pinged not just once an hour to avoid the appearance of blatant spam and says ‘Download this app and get a cell phone’.

The accompanying URL is made to look like a Google link to deceive the recipient; however, it is another hoax.

If a person clicks on the link, a site will appear that is a convincing clone of the Google Play Store, but it is actually a fake that is by no means legitimate.

He asks the person to download an application called ‘Huawei Mobile’. This is not a real Huawei app and is actually done by scammers.

x

x

If a person clicks on the link in the WhatsApp message, a website will appear that is a convincing clone of the Google Play Store (on the left), but it is actually a fake that is by no means legitimate. He asks the person to download an application called ‘Huawei Mobile’. This is not a real Huawei app and is actually done by scammers. If a person presses to install and approve requests (photo), the cycle continues

HOW TO AVOID ANDROID ‘WORMS’

The WhatsApp scam, which uses a fake Google Play Store screen and a fake Huawei app to trick customers, is the first of its kind to be found on mobile devices.

This involves allowing a lot of permissions under the guise of winning a new phone and, unintentionally, granting control of the malware to all applications on the phone.

It uses this ability to automatically reply to WhatsApp messages once an hour per contact. Once on the phone, it is difficult to remove and the device has already been tampered with.

The best protection is prevention and, first of all, avoiding allowing the worm to reach the phone.

The best way is to download only apps that are in the legitimate app from the Play Store.

Do not trust sites that are accessed through a link, go directly to the Play Store, as they are verified and official.

A WhatsApp spokesman told MailOnline: ‘This is a malicious application that tricks people into downloading and sending phishing messages via permissions granted by the Android operating system.

‘We are reporting this to the domain provider that the phishing service is using to take action and protect against this abuse.

‘We encourage people to never install apps from untrusted sources and never touch unusual or suspicious links.

“We also encourage people to report messages like this as soon as possible so that we can take action.”

Lukas Stefanko, a researcher at cybersecurity company ESET, discovered the flaw and posted a video showing how it works on YouTube.

Ray Walsh, a technology expert at ProPrivacy, says the scam has the potential to steal personal information and personal information and credentials.

“It seems that the main objective of the malware is to induce victims to fall into an adware signature scheme, which leads to fraud,” he says.

‘This is the first type of worm attack that spreads via WhatsApp messages, and what is worrying is that it could actually be expanded to work with other messengers that take advantage of Android’s quick response feature as well.

“Users are reminded that they should not download any apps unless they have found them in the official app store and never download any apps after clicking on links in a WhatsApp message.”

Jake Moore, a cybersecurity expert at ESET, is encouraging people to be careful and vigilant when sending links on any platform that they do not recognize or seem unusual.

‘People should be very careful when receiving any link, but especially when the link goes to what appears to be an app store.

‘Although it only works on specific phones, this malware has the potential to steal bank passwords or encrypt the phone completely, which can cause further damage.

‘Using WhatsApp to drive this malware works in your favor, as many people use the messaging platform and will believe it is genuine when they first see the message.

“The message coming from your contacts only increases the perception of verification by someone they trust.”

.Source