The most popular app in the world, WhatsApp, is being targeted by a new malware campaign that is aiming at the app’s business and consumer users, Comodo Labs can reveal.
The researchers at Comodo Labs say that the brains behind this mysterious malware are making use of emails that pose as WhatsApp content. The message sent comes with an attached zip file that contains an executable malware.
According to the reports, the sent emails come with different subject lines so that it is not easy to tell whether it’s the same thing that was sent to another account. You may see something like “You have received a voice message” or even something like “You’ve missed a voice notification” and then a short piece of random characters that are maybe used as the recipient’s ID.
The plan of the developers of this malware is for the recipient to open and execute the zip file in the email which then allows the malware to be installed on the device in question. The malware can affect both your PC and phone depending on the device used to access the email in question.
Comodo Labs identified the malware to be of the Nivdort family which means that when it is executed on the PC, for example, it will replicate into multiple system folders. In addition, it will also add itself to the registry’s auto-run.
In today’s world, cybercriminals have become extremely clever in that they no longer use obvious subject lines when trying to lure innocent users into their trap. They have in fact grown to become some of the best marketers there is, making use of extremely creative and hard to guess subject lines that no one can easily suspect. Using these unsuspecting emails that only need the users to click on it and open in order to trigger the virus spread is just one of their new ways of doing things.
A problem for WhatsApp
WhatsApp has had issues to do with security over the past few years and it seems the company is not doing much to help take off this recurring problem. Sometimes last year, it was reported that cybercriminals were jamming WhatsApp with spam messages and hoaxes in a bid to spread different malwares on user devices.
The app also suffered issues related to vCard messages, but this was mostly affecting those using WhatsApp Web. The Better Business Bureau also reported that WhatsApp was being targeted in email scams that came with the subject line “Incoming Voice Message” alongside the message’s timestamp.
Towards the end of last year, it was also discovered that WhatsApp can crash when you overuse emojis beyond the 4000-character mark, something that the company says it is still working on.
The news of a similar email-based scam means that Facebook has yet to take care of this problem, something that may start scaring new users as well as “chasing” away the current ones.