Security expert Lucas Stefanko unearthed the malware known as ‘Android Worm’. Threat actors are using this malware as a weapon to send malicious messages to WhatsApp users and extract critical information or shutting their accounts entirely. ‘Android Worm’ make an entrance into a user phone as a disguised message and then corrupts the victim’s contact list without the victim being aware of it.
Lucas Stefanko shared a video detailing the android worm malware – “Android WhatsApp Worm? Malware spreads via victim’s WhatsApp by automatically replying to any received WhatsApp message notification with a link to malicious Huawei Mobile app. The message is sent only once per hour to the same contact. It looks to be adware or subscription scam”.
The malware enters a user phone via message and then uploads adware onto a users’ device and expands by sending WhatsApp messages to the victim’s contact list and keeping the victim in a dark. As per the reports of The Sun, initially, the victim gets a message from a contact or an anonymous number by asking the him to download a link to win a free smartphone. Then after tapping on the link, the victim will be taken into the confidence that a Huawei mobile application is being downloaded into the victim’s device, and to make the message trustworthy, a fake Google page will also be shown. Then, once the victim taps on the install button the victim will end up installing the Android worm into his/her device.
After that, every hour the malicious link will be further sent to some of the user’s contact list and the user will not know if the victim doesn’t check his/her device after every frequent interval. According to the ESET blog “this malware could possibly distribute more dangerous threats since the message text and link to the malicious app are received from the attacker’s server. It could simply distribute banking trojans, ransomware or spyware”.