We have just been made aware of a new form of wormable malware currently spreading through WhatsApp. Once infected, the malware spreads via the victim’s WhatsApp by automatically replying to any received WhatsApp message notification with a link to a malicious Huawei Mobile app.
Here is an example of how it works:
- You send a message to a friend on WhatsApp
- You get a response from them with a link to a bogus Huawei Mobile app.
- When you click on the link, you are taken to a lookalike Google Play Store website.
- When you install the fake app, you are installing malware.
- Once infected, the malware will be able to do the following:
- Read your notifications
- Run in the background (making it hard to detect)
- Draw over other apps (used to steal your login credentials and additional sensitive information.
- Spread itself to your contacts by automatically replying to any messages you receive with a malicious page link. Because this is wormable malware it can spread very fast, like a wildfire.
How to protect yourself
We are in the process of adding this to our scanner, but in the meantime:
- Do not click on any links to a Huawei Mobile app unless you are 10000000% certain that your contact sent it to you.
- Only install apps from an official app store such as the Google Play Store.
- Do not install any app from a link sent to you unless you are sure it is a legitimate link. Call the person who sent it and ask them to confirm that they sent it.
I will keep you posted. Please share this info with any other android users you know.
Thanks and talk soon.
Incognito Privacy Care Team