Android WhatsApp users on Android have urged to look for new scammers

by

Android warning: malicious text can install a WORM on your phone – and infect friends who send you messages on WhatsApp

  • Worm is designed to gain control over other applications installed on your phone as well
  • Displays a fake but convincing screen that shows up from the legitimate Play Store
  • It asks the user to download a “Huawei Mobile” application, which is also a false convincer
  • Experts urge people to download apps only from the Google Play Store and not from WhatsApp links

By Joe Pinkstone For Mailonline

Published: | Updated:

Android users are targeted by malicious software that deceives users to download a fake application that also targets friends’ devices via WhatsApp.

The so-called “worm” can only infect a person’s phone if he receives the message himself and clicks on the link it contains.

It then prompts the user to activate a variety of functions and permissions. They activate a hidden capability, which means that when the phone receives a WhatsApp message, it will respond instantly with a link to the dodgy site.

The intent of the scam is to bombard people with advertisements, which creates revenue for criminals or to trick people into signing up for a subscription service.

However, the technology could easily be adapted to become more sinister and steal personal information as well as bank details, experts warn.

The worm automatically sends a message to a person who sent messages to the user via WhatsApp. But it is sent no more than once an hour to avoid looking like blatant spam and says

The worm automatically sends a message to a person who sent messages to the user via WhatsApp. But it is sent no more than once an hour to avoid looking like blatant spam and says “Download this app and win your mobile phone”

The automatically sent message is pinged not just once an hour to avoid looking like blatant spam and reads “Download this app and win your mobile phone”.

The accompanying URL is made to look like a Google link to trick the recipient, but it’s another prank.

If a person clicks on the link, a site appears that is a compelling clone of the Google Play Store, but which is actually a fake that is in no way legitimate.

Ask the person to download an application called “Huawei Mobile”. This is not a real Huawei application and is actually made by scammers.

X

X

If a person clicks on the link in the WhatsApp message, it displays a site that is a compelling clone of the Google Play Store (left), but which is actually a fake that is in no way legitimate. Ask the person to download an application called “Huawei Mobile”. This is not a real Huawei application and is actually made by scammers. If a person presses the installation and approves the requests (pictured), the cycle continues

HOW TO AVOID ANDROID “WILLS”

The WhatsApp scam that uses a fake Google Play Store screen and a fake Huawei app to fool customers is the first of its kind to be found on mobile devices.

This involves allowing a bunch of permissions under the guise of winning a new phone and unwittingly granting maware control to all applications on the phone.

Use this ability to automatically reply to WhatsApp messages once an hour per contact. Once in the phone, it is difficult to remove and the device has already been broken.

The best protection is to prevent and avoid allowing the worm on the phone in the first place.

The best way is to download only the apps that are in the legitimate Play Store app.

Do not trust the sites accessed through a link, go directly to the Play Store because they are verified and official.

A WhatsApp spokesman told MailOnline: “This is a malicious application that tricks people into downloading and sending phishing messages through permissions granted by the Android operating system.

“We report this to the domain provider that the phishing service uses to take action and protect against this abuse.

“We encourage people to never install applications from trusted sources and never touch unusual or suspicious links.

“We also encourage people to report such messages as soon as possible so that we can take action.”

Lukas Stefanko, a researcher at ESET’s cybersecurity firm, discovered the flaw and posted a video showing how it works on YouTube.

Ray Walsh, a technology expert at ProPrivacy, says the scam has the potential to steal personal information and personal information and credentials.

“It seems that the main goal of malware is to trick victims into falling into an adware scam, which leads to cheating the victim,” he says.

“This is the first worm attack to spread via WhatsApp messages and what is worrying is that it could be extended to work with other messengers that also use Android’s quick response feature.

“Users are reminded that they should not download any app unless they have found it in the official app store and never remember to download any app after clicking on the links in a WhatsApp message.”

Jake Moore, a cybersecurity specialist at ESET, encourages people to be vigilant and vigilant when sending links to any platform that they do not recognize or seem unusual.

“People need to be extremely careful when receiving any link, but especially when the link is to what appears to be an app store.

“Although it only works on certain phones, this malware has the potential to steal bank passwords or encrypt the phone altogether, which can cause additional damage.

“Using WhatsApp to manage this malware works to its advantage, as many people use the messaging platform and will think it is authentic when viewing the first message.

“The message that comes from their contacts increases the perceived verification of someone they trust.”

.Source