Sonicwall Midyear Banner1

Security Market Segment LS

Sonicwall Midyear2 Banner

Sonicwall Leaderboard Banner2

Saturday, 16 January 2016 15:26

WhatsApp virus affects iOS and Android – and maybe more Featured

By

WhatsApp’s popular messaging app has been targeted yet again by cybercriminals – the latest attack affects both iOS and Android users.

As part of a random phishing campaign, cybercriminals send fake emails represented as official WhatsApp content to spread malware when the 'message' is clicked on.

The emails are being sent from a rogue email address, disguised with an umbrella branding “WhatsApp,” but if users look at the actual FROM email address, they will see it is not from the company.

In order to spread the rogue malware and infect computers, the cybercriminals are using multiple subject lines:

  • You have obtained a voice notification xgod
  • An audio memo was missed. Ydkpda
  • A brief audio recording has been delivered! Jsvk
  • A short vocal recording was obtained npulf
  • A sound announcement has been received sqdw
  • You have a video announcement. Eom
  • A brief video note got delivered. Atjvqw
  • You’ve recently got a vocal message. Yop

Each subject ends with a set of random characters like ‘xgod’ or ‘Ydkpda’.  These are probably used for encoding some data, to identify the recipient(s).

The attachment contains a compressed (zip) file, in which a malware executable resides. The malware is a variant of the “Nivdort” family.  The malware usually replicates itself into different system folders, adding itself into an auto-run in the computer’s registry.

Comodo have no released information on how this malware can affect Android and un-jailbroken iPhone’s or what happens if the email is opened in an OS X or Windows device.

“Cybercriminals are becoming more and more like marketers – trying to use creative subject lines to have unsuspecting emails be clicked and opened to spread malware,” said Fatih Orhan, Director of Technology for Comodo and the Comodo Antispam Labs.

In this case it is all about social engineering and the fact that WhatsApp is a popular app on iOS and Android – it is not that WhatsApp is infected although the Chinese developed app was part of the XCodeGhost debacle last year that could infect iPhones.

WhatsApp has also been used in lots of other social engineering scams including hoax messages - all carrying malicious payloads – urging you to use the service, forward recommendations for the app to friends, reactivate your account etc.

Read 11147 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here




GET READY FOR XCONF AUSTRALIA 2022

Thoughtworks presents XConf Australia, back in-person in three cities, bringing together people who care deeply about software and its impact on the world.

In its fifth year, XConf is our annual technology event created by technologists for technologists.

Participate in a robust agenda of talks as local thought leaders and Thoughtworks technologists share first-hand experiences and exchange new ways to empower teams, deliver quality software and drive innovation for responsible tech.

Explore how at Thoughtworks, we are making tech better, together.

Tickets are now available and all proceeds will be donated to Indigitek, a not-for-profit organisation that aims to create technology employment pathways for First Nations Peoples.


Click the button below to register and get your ticket for the Melbourne, Sydney or Brisbane event

GET YOUR TICKET!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments