If you get a WhatsApp message that says, " Download this app and win the mobile phone, " don't be fooled.It is said to be a wormy malware that can infect your contact list and steal your personal data . Android users are at high risk of this WhatsApp message malware, according to ESET malware researcher Lukas Stefanko.
He investigated this nasty WhatsApp Android malware and found that the message tries to trick users into downloading a fake Huawei app , which then asks for a number of permissions, including access to notifications to instantly reply to WhatsApp messages with a link to scam site.
Android WhatsApp Worm?
— Lukas Stefanko (@LukasStefanko) January 21, 2021
Malware spreads via victim's WhatsApp by automatically replying to any received WhatsApp message notification with a link to malicious Huawei Mobile app.
Message is sent only once per hour to the same contact.
It looks to be adware or subscription scam. https://t.co/NYbh2A9Y6M pic.twitter.com/2tFgLyG94O
The malware was first reported by Twitter user @ReBensk, who claims that its main goal is to generate fraudulent ad revenue for its operators. Stefanko further added that the malware spreads through the victim's WhatsApp , automatically responding to any WhatsApp message notification with a link to a rogue and malicious Huawei mobile app.
While Huawei's app looks authentic, it is not available on the Google Play Store . The malware prompts users to download and install the app from the web, thus bypassing the security precaution on Android devices. Once the installation is complete, the Huawei Mobile app prompts users to enable a variety of features and permissions, including notifications, the ability to draw over other apps, and bypassing battery optimization.
" The worm spreads via messages to WhatsApp contacts only when the last message received by the victim was sent more than an hour ago ," Stefanko said. He believes that this is done to arouse suspicion among the victim's contacts, as receiving a link in response to each message can cause alarm. While WhatsApp malware is currently used as an adware or subscription scam campaign, it is said to have the ability to distribute banking trojans, ransomware, or spyware.
The worm spreads via messages to WhatsApp contacts only when the last message received by the victim was sent more than an hour ago.
“This is a malicious application that tricks people into downloading it and sending phishing messages through permissions granted by the Android operating system. We are reporting this to the domain provider that the phishing service is using to take action and to protect against this abuse, ” a WhatsApp spokesperson told MailOnline.
You should avoid clicking on such malicious links and only download the Google Play Protect apps from the Play Store to make sure the app is safe to use.