Android users should be on the lookout for new wormable malware that is being spread through a link titled “Download This application and Win Mobile Phone” on the popular messaging platform WhatsApp.
The malware lures WhatsApp users into downloading an app from a website that looks exactly like the Google Play store.
According to Lukas Stefanko, a mobile security researcher, the malware spreads via the victim’s WhatsApp, automatically replying to any WhatsApp message notification with a link to a fake and malicious Huawei Mobile app.
I put together a quick analysis of this WhatsApp worm https://t.co/QmpyTAf4mZ
— Lukas Stefanko (@LukasStefanko) January 22, 2021
The infection starts with a WhatsApp message containing a link that redirects to a fake Huawei Mobile app. Once installed, the application asks for access to notifications.
With this access, the app can use WhatsApp’s quick reply feature to automatically send the original link to anyone who messages you.
Other than access to notifications, the app also asks for permissions to draw over other apps and to ignore battery optimization, which enables it to run in the background.
To protect yourself, the best course of action is to avoid clicking on any suspicious links and to download apps only from the Google Play Store app.
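To check a device for an app holding the three permissions described above (notification access, draw over other apps, ignore battery optimization), the following added example, which is not from the original article or the researcher's analysis, parses the text output of three adb queries and flags packages that hold all of them. The package names and sample outputs are constructed, and the output formats shown in the comments are assumptions that can differ between Android versions.

```python
# Constructed sample outputs (not from a real device). Assumed sources:
#   adb shell settings get secure enabled_notification_listeners
#   adb shell dumpsys deviceidle whitelist
#   adb shell cmd appops query-op SYSTEM_ALERT_WINDOW allow
SAMPLE_LISTENERS = ("com.example.launcher/com.example.launcher.NotifService:"
                    "com.example.fakeapp/.ReplyListener")
SAMPLE_IDLE_WHITELIST = """\
system-excidle,com.example.downloads,10013
system,com.example.services,10012
user,com.example.fakeapp,10234
user,com.example.music,10150
"""
SAMPLE_OVERLAY_ALLOWED = """\
com.example.fakeapp
com.example.chatheads
"""

def notification_listeners(raw):
    """Packages from the colon-separated 'package/ServiceClass' list."""
    return {c.split("/", 1)[0] for c in raw.strip().split(":") if "/" in c}

def battery_exempt(raw):
    """Packages from 'type,package,uid' lines; keep only user-granted entries."""
    rows = (line.strip().split(",") for line in raw.splitlines())
    return {r[1] for r in rows if len(r) == 3 and r[0] == "user"}

def overlay_allowed(raw):
    """Packages allowed to draw over other apps, one name per line."""
    return {line.strip() for line in raw.splitlines() if line.strip()}

def audit(listeners_raw, whitelist_raw, overlay_raw, trusted=(), min_hits=3):
    """Return {package: [permissions held]} for packages with >= min_hits."""
    held = {
        "notification access": notification_listeners(listeners_raw),
        "ignore battery optimization": battery_exempt(whitelist_raw),
        "draw over other apps": overlay_allowed(overlay_raw),
    }
    report = {}
    for name, pkgs in held.items():
        for pkg in pkgs - set(trusted):  # skip apps the owner has vetted
            report.setdefault(pkg, []).append(name)
    return {p: v for p, v in sorted(report.items()) if len(v) >= min_hits}

if __name__ == "__main__":
    found = audit(SAMPLE_LISTENERS, SAMPLE_IDLE_WHITELIST, SAMPLE_OVERLAY_ALLOWED)
    for pkg, perms in found.items():
        print(f"{pkg}: {', '.join(perms)}")
```

A package flagged here is a candidate for review, not proof of infection; legitimate apps can hold the same combination, which is what the `trusted` argument is for.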