WhatsApp users on Android are urged to keep an eye out for a new SCAM

Android warning: malicious text can install a WORM on your phone – and it also infects friends who message you on WhatsApp

  • Worm is designed to take control of other apps also installed on the phone
  • Shows a fake but convincing screen that looks like a legit Play Store
  • Asks the user to download a ‘Huawei Mobile’ app which is also convincingly fake
  • Experts urge people to only download apps from the Google Play Store and not from WhatsApp links

Android users have become the target of a piece of malicious software that entices them to download a fake app and also targets their friends’ devices via WhatsApp.

The so-called ‘worm’ can only infect someone’s phone if they receive the message themselves and click on the link it contains.

Then it prompts the user to enable a variety of features and permissions. These activate a hidden capability, which means that when the phone receives a WhatsApp message, it will immediately reply with a link to the untrustworthy site.

The purpose of the scam is to bombard people with advertisements, generating revenue for criminals, or to trick people into signing up for a subscription service.

However, the technology can also be easily adapted to become sinister and steal personal information as well as bank details, experts warn.

The worm automatically sends a message to a person who messaged the user via WhatsApp. But it is pinged no more than once an hour to avoid looking like blatant spam, and says ‘Download this application and win mobile phone’

The automatically sent message is pinged out only once every hour to avoid looking like blatant spam and reads ‘Download this application and win mobile phone’.

The associated URL was made to look like a Google link to trick the recipient, but it’s another hoax.

Clicking on the link will open a site that is a convincing clone of the Google Play Store, but is in fact a fake that is not legitimate in any way.

It asks the person to download an app called ‘Huawei Mobile’. This is not a real Huawei app and was actually made by the scammers.

If a person clicks on the link in the WhatsApp message, it will open a site that is a convincing clone of the Google Play Store (left), but is in fact a fake that is not legitimate in any way. It asks the person to download an app called ‘Huawei Mobile’. This is not a real Huawei app and was actually made by the scammers. If a person presses install and approves the requests (shown), the cycle continues

HOW TO AVOID ANDROID ‘WORMS’

The WhatsApp scam that uses fake Google Play Store screen and fake Huawei app to trick customers is the first of its kind to be found on mobile devices.

It involves granting a lot of permissions under the pretense of winning a new phone, unknowingly giving the malware control over all apps on the phone.

It uses this capability to automatically reply to WhatsApp messages once per hour per contact. Once it is on the phone it is difficult to remove, and the device has already been compromised.

The best protection is prevention: stopping the worm from getting onto the phone at all.

The best way is to only download apps that are in the legit Play Store app.

Do not trust sites reached via a link; go straight to the Play Store, where apps are vetted and official.

A WhatsApp spokesperson told MailOnline: ‘This is a malicious app that tricks people into downloading it and sending phishing messages through permissions granted by the Android operating system.

We report this to the domain provider that uses the phishing service to take action and protect us from this abuse.

We strongly recommend that people never install apps from untrusted sources and never tap on unusual or suspicious links.

‘We also encourage people to report these types of messages as soon as possible so that we can take action.’

Lukas Stefanko, a researcher at cybersecurity company ESET, discovered the flaw and posted a video showing how it works on YouTube.

Ray Walsh, a technology expert at ProPrivacy, says the scam has the potential to steal personal information and credentials.

“It seems that the primary purpose of the malware is to trick victims into falling for an adware subscription scam, which leads to the victim being scammed,” he says.

This is the first worm-type attack to spread via WhatsApp messages, and what’s worrying is that it can actually be expanded to work with other messengers who also take advantage of Android’s quick reply feature.

“Users are reminded not to download apps unless they found them in the official app store, and never to download apps after clicking links in a WhatsApp message.”

Jake Moore, a cybersecurity specialist at ESET, encourages people to be cautious and vigilant when sent links to a platform they don’t recognize or that seems unusual.

People should be extremely careful when receiving a link, but especially when it comes to a link to what appears to be an app store.

Although it only works on specific phones, this malware has the potential to steal bank passwords or completely encrypt the phone, which can cause further damage.

Using WhatsApp to drive this malware works to its advantage, as many people use the messaging platform and will believe that it is real when they first view the message.

“The message from their contacts only increases the perceived verification of someone they trust.”
