WhatsApp Virus Targets Security Personnel
By: Jim Stickley and Tina Davis
January 6, 2017
WhatsApp is a very popular messaging application and has users all around the world. In fact, according to the statistics portal, Statista, it has over 1 billion active monthly users. That is why it is a good platform for spreading viruses and malware. In fact, one virus spreading now via WhatsApp throughout several countries is capable of capturing personal information from the infected device, such as banking login credentials.
With a WhatsApp message comes a legitimate-looking document. Most often this one is reportedly an Excel (.xls) file, but there have also been reports of it being a Microsoft Word (.doc) document as well. While there are no specific reports that it is only targeting Android users, the fact that it is primarily being seen in India right now where lower-end and outdated Android devices are popular makes it appear to be the focus at the moment.
In the below scam, criminals are attempting to get malware installed with a WhatsApp introduction offer. Notice that the URL is not a WhatsApp domain, it is a Github domain. Github is a service that allows developers to share and download programs. The program shared in this case is malware.
However, don’t let that fact diminish the importance of watching out for phishing messages, no matter how they arrive and what type of device you use. WhatsApp is global and it is extremely easy to send a message from one country to another. Just because it’s in India today, does not exclude it from arriving in the United States or Europe tomorrow. So always be suspicious of attachments and links that are unexpected; regardless of the delivery vehicle. If it shows up as a surprise, confirm with the sender that he or she did intend to send it and that it’s safe.
This virus is so rampant right now that India’s central security services issued a notice to defense and security organizations warning them that this seems to be targeting people in uniform.
While the spreading of the virus is known, everything it may do is not. Therefore, make sure your devices are always kept updated with the latest versions of the operating systems and patched with the security patches as soon as they are released. Don’t forget to keep anti-virus and anti-malware software installed and kept up-to-date on all devices that connect to the Internet.