Security News > 2021 > January > Beware — A New Wormable Android Malware Spreading Through WhatsApp
A newly discovered Android malware has been found to propagate itself through WhatsApp messages to other contacts in order to expand what appears to be an adware campaign.
"This malware spreads via victim's WhatsApp by automatically replying to any received WhatsApp message notification with a link to [a] malicious Huawei Mobile app," ESET researcher Lukas Stefanko said.
Once installed, the wormable app prompts victims to grant it notification access, which is then abused to carry out the wormable attack.
In its current version, the malware code is capable of sending automatic replies only to WhatsApp contacts - a feature that could be potentially extended in a future update to other messaging apps that support Android's quick reply functionality.
While the message is sent only once per hour to the same contact, the contents of the message and the link to the app are fetched from a remote server, raising the possibility that the malware could be used to distribute other malicious websites and apps.
"I don't remember reading and analyzing any Android malware having such functionality to spread itself via whatsapp messages," Stefanko told The Hacker News.
News URL
Related news
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
- Vo1d malware botnet grows to 1.6 million Android TVs worldwide (source)
- BadBox malware disrupted on 500K infected Android devices (source)
- North Korea’s ScarCruft Deploys KoSpy Malware, Spying on Android Users via Fake Utility Apps (source)
- New Android malware uses Microsoft’s .NET MAUI to evade detection (source)
- APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- New Crocodilus malware steals Android users’ crypto wallet keys (source)
- Counterfeit Android devices found preloaded With Triada malware (source)
- Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices (source)