A new malware attack targeting businesses and consumers using WhatsApp has been discovered by the Comodo Antispam Labs.
As part of a random phishing campaign, cybercriminals are sending fake emails representing the information as official WhatsApp content to spread malware when the “message” is clicked on. The attack is aimed at PC’s rather than Android – but obviously with WhatsApp as a mobile app, this affects WhatsApp users on Android and other mobile OSes.
In order to spread the rogue malware and infect computers, the cybercriminals are using multiple subject lines:
- You have obtained a voice notification xgod
- An audio memo was missed. Ydkpda
- A brief audio recording has been delivered! Jsvk
- A short vocal recording was obtained npulf
- A sound announcement has been received sqdw
- You have a video announcement. Eom
- A brief video note got delivered. Atjvqw
- You’ve recently got a vocal message. Yop
The attachment contains a compressed (zip) file, in which a malware executable resides. The malware is a variant of the “Nivdort” family and usually replicates itself into different system folders, adding itself into an auto-run in the computer’s registry.
This type of email targeting is typical of how todays viruses are spread; be smart and don’t open attachments that are from people you don’t know, are unusual or out of context without seeking confirmation as to their legitimacy first – it’s asking for a nightmare!
What do you do to avoid getting caught in the virus trap?
Not click on suspicious looking links/emails for starters. When people say they have viruses on their computers, it just makes me think “what stupid thing did you click on!”.