Security Market Segment LS
Saturday, 16 January 2016 15:26

WhatsApp virus affects iOS and Android – and maybe more Featured

By

WhatsApp’s popular messaging app has been targeted yet again by cybercriminals – the latest attack affects both iOS and Android users.

As part of a random phishing campaign, cybercriminals send fake emails represented as official WhatsApp content to spread malware when the 'message' is clicked on.

The emails are being sent from a rogue email address, disguised with an umbrella branding “WhatsApp,” but if users look at the actual FROM email address, they will see it is not from the company.

In order to spread the rogue malware and infect computers, the cybercriminals are using multiple subject lines:

  • You have obtained a voice notification xgod
  • An audio memo was missed. Ydkpda
  • A brief audio recording has been delivered! Jsvk
  • A short vocal recording was obtained npulf
  • A sound announcement has been received sqdw
  • You have a video announcement. Eom
  • A brief video note got delivered. Atjvqw
  • You’ve recently got a vocal message. Yop

Each subject ends with a set of random characters like ‘xgod’ or ‘Ydkpda’.  These are probably used for encoding some data, to identify the recipient(s).

The attachment contains a compressed (zip) file, in which a malware executable resides. The malware is a variant of the “Nivdort” family.  The malware usually replicates itself into different system folders, adding itself into an auto-run in the computer’s registry.

Comodo have no released information on how this malware can affect Android and un-jailbroken iPhone’s or what happens if the email is opened in an OS X or Windows device.

“Cybercriminals are becoming more and more like marketers – trying to use creative subject lines to have unsuspecting emails be clicked and opened to spread malware,” said Fatih Orhan, Director of Technology for Comodo and the Comodo Antispam Labs.

In this case it is all about social engineering and the fact that WhatsApp is a popular app on iOS and Android – it is not that WhatsApp is infected although the Chinese developed app was part of the XCodeGhost debacle last year that could infect iPhones.

WhatsApp has also been used in lots of other social engineering scams including hoax messages - all carrying malicious payloads – urging you to use the service, forward recommendations for the app to friends, reactivate your account etc.

BUSINESS WORKS BETTER WITH WINDOWS 1O. MAKE THE SHIFT

You cannot afford to miss this Dell Webinar.

With Windows 7 support ending 14th January 2020, its time to start looking at your options.

This can have significant impacts on your organisation but also presents organisations with an opportunity to fundamentally rethink the way users work.

The Details

When: Thursday, September 26, 2019
Presenter: Dell Technologies
Location: Your Computer

Timezones

QLD, VIC, NSW, ACT & TAS: 11:00 am
SA, NT: 10:30 am
WA: 9:00 am NZ: 1:00 pm

Register and find out all the details you need to know below.

REGISTER!

ADVERTISE ON ITWIRE NEWS SITE & NEWSLETTER

iTWire can help you promote your company, services, and products.

Get more LEADS & MORE SALES

Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]

OR CLICK HERE!

Ray Shaw

joomla stats

Ray Shaw [email protected]  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments