Skip to main content

Caution — Android malware is spreading — and tricking WhatsApp users into a scam

(Image credit: WhatsApp)

Received an instant reply to a WhatsApp message with a suspicious link? That could be a recent wormable malware attack on Android devices, and it spreads throughout your WhatsApp contacts.

As shown and stated by ESET Malware Researcher Lukas Stefanko, "This malware spreads via victim's WhatsApp by automatically replying to any received WhatsApp message notification with a link to malicious Huawei Mobile app."

This link brings users to a fake Google Play website to install the Huawei app, which asks user's permission to access the application to "help provide better functionality." But in reality, this sets up the wormable attack, which allows it spread to other devices. 

The malware uses WhatsApp's quick reply feature to send messages with the link as replies. Stefanko also states that the message is sent once an hour to the same contact and that it seems to be an adware or a subscription scam.

The wormable malware could spread to many devices fast, so keep an eye out for any message that leads straight to a Huawei Mobile app download. As always, anything that seems suspicious should be left unopened.

Stefanko stated to The Hacker News that the malware could potentially be seen via SMS, social media, mail and more if it progresses.

Other scams have recently been seen popping up, including a text offering a free year of Netflix collecting that actually collects private information.

H/T The Hacker News