“Download This application and Win Mobile Phone”, reads the message attempting to trick users into downloading a fake Huawei app
Android users should watch out for new wormable malware that spreads through WhatsApp and lures the prospective victims into downloading an app from a website masquerading as Google Play. ESET malware researcher Lukas Stefanko looked under the hood of this Android nasty.
“This malware spreads via the victim’s WhatsApp, automatically replying to any WhatsApp message notification with a link to a fake and malicious Huawei Mobile app,” said Stefanko. The malware, which was first reported by Twitter user @ReBensk, appears to be mainly intended to generate fraudulent advertising revenue for its operators.
Android WhatsApp Worm?
Malware spreads via victim's WhatsApp by automatically replying to any received WhatsApp message notification with a link to malicious Huawei Mobile app.Message is sent only once per hour to the same contact.It looks to be adware or subscription scam. https://t.co/NYbh2A9Y6M pic.twitter.com/2tFgLyG94O
— Lukas Stefanko (@LukasStefanko) January 21, 2021
In order to install the malicious app, users are prompted to allow the installation of apps from places other than the official Google Play store, thus removing a key – and enabled-by-default – security precaution on Android devices.
Once the installation proce ..