The malware sends automated replies to messages on WhatsApp and other major chat apps
Android users should be wary of messages that are being circulated on WhatsApp and other major messaging platforms and promise to provide a new color theme for WhatsApp. Disguised as an official update for the platform, the “WhatsApp Pink” theme is in reality a variant of malware that ESET researcher Lukas Stefanko analyzed recently.
“WhatsApp Pink is an updated version of the WhatsApp auto-reply worm we wrote about in January. The Trojan’s updated version doesn’t auto-reply just to WhatsApp messages, but also to messages received on other instant messaging apps, which could be the reason for its apparent wider spread,” said Stefanko.
“The Trojan replies with a link to a website from which it could be downloaded automatically to messages received in apps such as WhatsApp, WhatsApp Business, Signal, Skype, Viber, Telegram, and one of the various unofficial, third-party versions of WhatsApp,” he added.
Beyond that, however, the new version – detected by ESET products as Android/Spams.V – doesn’t really do much. That said, Stefanko warned that this may just be a “test version” and we may expect a more malicious variant in the future. Also, the website could be used to host various types of malicious payloads in the future.
The “#WhatsApp Pink” trojan can now auto-reply to received messages not only on WhatsApp, but also Signal, Skype, Viber and Telegram. The replies link to a malicious website further distributing the malware.