Earlier this week, a blog post published by ESET researchers reveals that a new update to the fraudulent WhatsApp Pink app is capable of automatically replying to your messages from a variety of apps, including Signal, Viber, Telegram, and Skype.

The new Android malware was first reported by security expert Rajshekhar Rajaharia. It seems to have been first spotted in India, where it was shared in various massive chat groups on popular instant messaging services.

According to ESET researcher Lukas Stefanko,

In order to install the malicious app, users are prompted to allow the installation of apps from places other than the official Google Play store, thus removing a key – and enabled-by-default – security precaution on Android devices.

Source

However, the malware does request permission to access the user’s notifications.

Once the installation is completed and the user clicks on “WhatsApp Pink”, the app hides, pretending that the installation process never took place. Soon after, victims receive a message, to which they will have to reply in order to unwittingly cause the malware to spread further.

Although apps like Signal, WhatsApp, and Skype protect communications and messages In transit, data Resting may be accessible to the person who has the device or the malicious app running on the device. As a result, end-to-end encryption should not be misinterpreted as protection against compromise by a final device using malicious apps like WhatsApp Pink.

The malicious app also requests other permissions, including to draw over other apps, which allows it to overlay over any other applications running on the device, and to ignore battery optimization, which enables it to run in the background and prevents the system from killing it off even if it starts draining the device’s power and resources.

Source

Stefanko warned that this may just be a “test version” and we may see a more malicious variant in the future, and, additionally, the website could be used to host various types of malicious payloads.

Users who have downloaded the WhatsApp Pink application can remove it from the Settings and the App Manager submenu. To make sure the malware removal was successful, it is highly recommended to scan your Android device with a mobile antivirus solution.

Android malware attacks
2019.07.31 SLOW READ

Android Malware: Your Mobile Device Isn’t Safe from Hackers

best encrypted messaging apps
2019.07.20 INTERMEDIATE READ

The Best Encrypted Messaging Apps You Should Use Today [Updated 2019]

skype for business screen sharing error
2018.09.27 QUICK READ

Feature, Bug or Just a Huge Security Risk? Skype for Business, Examined

A New Era of Malware Attacks
2014.11.04 QUICK READ

BEWARE: A New Era of Malware Attacks is Arising

Comments

I simply want to say I am just newbie to blogging and honestly savored your web page.

Leave a Reply

Your email address will not be published. Required fields are marked *

GO TO TOP