A worm that wreaked havoc on WhatsApp in January of this year has since become more intelligent and is now also in circulation on other messengers. These include Signal, Skype, Viber and Telegram. What is particularly tricky is that it can also automatically reply to messages received on the messenger services. These answers then link to a website that contains malware.
Sweepstakes as bait
The security software company ESET is currently warning against the spread of malware that is so clever that the fake answer communicates profits, such as the profit of a smartphone. In order to make the whole thing as realistic as possible, the dangerous messages are only sent by the cyber fraudsters if the contact between the victim and the last contact person was around an hour ago.
If you follow the link received, you will be told that you have to download an app. In order to minimize suspicion and doubts about the fraud, even the Google Play Store is copied, which looks deceptively real. If the victims do not become suspicious at this point either, they will probably actually download the fake app in the next step.
ESET is a security software company founded in Bratislava, Slovakia with offices in around 200 countries. ESET has been a sponsor of Borussia Dortmund for the next three Bundesliga seasons since 2019.
In order for this download to take place, however, you first have to give the program its consent for a few accesses to the mobile device. For example, you have to give the okay for other apps to be overlaid or for the program to run in the background without being able to quit. After the app has been installed, the malware sets in and spreads through the affected messengers.
In order to increase the “success rate” of the distributed messages, every message received is answered with a link to the fake play store immediately after the app has been installed. Since the message appears to come from people known to you, that is the greatest danger of falling for the scam.
In addition to tempting competitions, there is also an optimized WhatsApp version that offers great functions in a new look, which can be downloaded from the fake Play Store.
The software experts at ESET have not yet been able to find out who exactly is behind these cyber scams. It is suspected, however, that the criminals could spread other dangerous messages such as blackmail software or banking Trojans.