Recently, there has been discussions regarding WhatsApp privacy issue. This has caused millions of WhatsApp users to jump to other apps such as Telegram and Signal. Well, we will discuss about it further in another post. For now, there has been a new issue in WhatsApp messages which allows hackers to spread malware to your Android devices through WhatsApp.
Are you shocked? The Hacker News has reported that there is a new malware which can infect your Android smartphones. This is just a normal link which you always click from your WhatsApp. By clicking this special link, you will be immediately redirected to the Google Play Store.
How does the WhatsApp malware works?
I am sure right now, you probably might be thinking that’s nothing wrong with links which open Google Play Store right. No! You are wrong! This is a phishing link which recreates the Google Play Store. From there, it will prompt you to download a simple app such as Huawei Mobile app.
Upon downloading this simple app, the malware will be automatically activated. Before that, you will be requested to give permissions to the app before activating it. Once the permission is given then whenever someone sends you a WhatsApp message, the malware will auto-reply to your receiver with the embedded link to download the Huawei Mobile app.
According to a security researcher, Lucas Stefanko this malware is very dangerous as it can spread this malware to the rest of your buddies. From there many harmful things can be done to their smartphone. Based on the video shown by Lucas, the malware is smart enough because it doesn’t spam your receiver. It only sends one message in one hour. That’s makes this malware to be more trustable to your receivers.
He also added that this malware is also capable to spread to other messaging apps on your Android smartphones. For example, your Facebook Messenger or maybe your Instagram DM. I have seen many cases where people have sent me some weird links to my Facebook. When I approach them they told me that they didn’t sent those links it seems. This is what the malware does. It loves spamming others.
How to avoid this messaging malware?
For a technical background person, it could be possibly easier to avoid such issues. But for a non-technical person, they might click on the link and got their smartphone infected with malware. If I were you, the very first thing I might do when I receive such a link is ask the sender who sends me this link. It is good to notify them before clicking on the link.
Next step, is to read the embedded link itself. When you read the link itself, you can already know whether the link is really legitimate or not. For example in the video above, Lucas did a demo on how the malware works. He has also shown the link which is sent by the malware to your receivers. As shown in the left image below is the original Huawei Mobile app link from the Google Play Store and the right side is the fake link from the hacker.
Can you guys spot the difference? That’s is how you can know whether a link is legitimate or not.
The one last step, assuming you have downloaded the app, when it request you to give permission for the app, you should read the notice carefully. Something which is suspicious and it says read your personal information is totally dangerous. Make sure you delete the app from your phone immediately. Unless it is from a verified source then you may proceed to give permission to the app.
