Android WhatsApp users on Android urged to search for new SCAM

by



[ad_1]

Android Warning: Malicious text can install WORM on your phone – and it also infects all friends who text you on WhatsApp

  • Worm is designed to take control of other apps also installed on the phone
  • Displays a fake, but convincing screen that appears to be from the legitimate Play Store
  • Asks the user to download a ‘Huawei Mobile’ app which is also a convincing fake
  • Experts urge people to only download apps from the Google Play Store, not from WhatsApp links

By Joe Pinkstone For Mailonline

Posted: | Updated:

Android users are targeted by malware that tricks users into downloading a bogus app that also targets friends’ devices through WhatsApp.

The so-called “worm” can only infect a person’s phone if they receive the message themselves and click on the link in it.

It then asks the user to activate a variety of functions and permissions. These activate a hidden feature which means that when the phone receives a WhatsApp message, it will instantly respond with a link to the questionable site.

The intention of the scam is to bombard people with advertisements, which creates income for the criminals, or to trick people into signing up for a subscription service.

However, the technology could also be easily adapted to become more sinister and steal personal information as well as bank details, experts warn.

The worm automatically sends a message to a person who has sent a message to the user through WhatsApp. But it is not sent more than once per hour to avoid sounding like blatant spam and says `` Download this app and earn mobile phone ''

The worm automatically sends a message to a person who has sent a message to the user through WhatsApp. But it is not sent more than once per hour to avoid sounding like blatant spam and says “ Download this app and earn mobile phone ”

The automatically sent message is sent only once per hour to avoid sounding like blatant spam and reads “Download this app and win a mobile phone”.

The accompanying URL is designed to look like a Google link in order to trick the recipient, but that’s another hoax.

If someone clicks on the link, it brings up a site which is a compelling Google Play Store clone but is in fact a fake which is by no means legitimate.

It asks the person to download an application called “Huawei Mobile”. It is not a real Huawei app and is actually created by scammers.

X

X

If someone clicks on the link in the WhatsApp message, it brings up a site which is a compelling Google Play Store clone (left) but is actually a fake which is by no means legitimate. It asks the person to download an application called “Huawei Mobile”. It is not a real Huawei app and is actually made by crooks. If a person presses install and approves the requests (pictured), the cycle continues

HOW TO AVOID ANDROID “WORMS”

The WhatsApp scam that uses a fake Google Play Store screen and fake Huawei app to trick customers is the first of its kind to be found in mobile devices.

It involves allowing a bunch of permissions under the guise of winning a new phone and unintentionally granting maware control of all apps on the phone.

It uses this ability to automatically reply to WhatsApp messages once per hour per contact. Once it’s in the phone, it’s hard to remove and the device has already been breached.

The best protection is prevention and avoiding leaving the worm on the phone in the first place.

The best way is to download only the apps that are on the legitimate Play Store app.

Don’t trust any sites you link to, go straight to the play store as they are approved and official.

A spokesperson for WhatsApp told MailOnline: ‘This is a malicious app that tricks people into downloading it and sending phishing messages through permissions granted by the Android operating system.

“We report this to the domain provider that the phishing service uses to take action and protect against such abuse.

“We strongly encourage people to never install apps from untrustworthy sources and never tap on unusual or suspicious links.

“We also encourage people to report posts like this as soon as possible so that we can take action.”

Lukas Stefanko, a researcher at cybersecurity firm ESET, discovered the flaw and posted a video showing how it works on YouTube.

Ray Walsh, technology expert at ProPrivacy, says the scam has the potential to steal personal information and personal information and credentials.

“It seems that the main purpose of the malware is to trick victims into falling for an adware subscription scam, which leads to the victim being defrauded,” he says.

This is the first worm-type attack to spread through WhatsApp messages, and what is concerning is that it could actually be extended to work with other messengers who also take advantage of the feature. quick response from Android.

“We remind users that they should not download any apps unless they have found them in the official App Store, and that they should remember never to download any apps after clicking on links in a WhatsApp message. “

Jake Moore, cybersecurity specialist at ESET, encourages people to be careful and vigilant when posting links on a platform that they do not recognize or appear to be unusual.

“People have to be extremely careful when they receive a link, but especially when it comes to a link to what appears to be an app store.

“ Although it only works on specific phones, this malware has the potential to steal bank passwords or completely encrypt the phone, which can lead to further damage.

“ Using WhatsApp to pilot this malware works to its advantage as many people use the messaging platform and will believe it to be genuine when they first view the message.

“ The message from their contacts only reinforces the verification perceived by someone they trust. ”



[ad_2]

Source link