New Android Malware Spreading Through WhatsApp Which Pretends to be the Huawei Mobile App

Rajitha Jayawardena
2 min read · Jan 31, 2021

Recent reports describe a new piece of Android malware whose distinguishing feature is that it spreads through WhatsApp.

According to Lukas Stefanko of ESET, a well-known cyber security firm, the program automatically responds to WhatsApp messages received on phones where it is installed. Each reply contains a link to the malicious program, which poses as the Huawei Mobile app.

“This malware spreads via victim’s WhatsApp by automatically replying to any received WhatsApp message notification with a link to [a] malicious Huawei Mobile app,” Lukas Stefanko said.

This is not a real Huawei Mobile app, and that link will take the user not to the Google Play Store but to another website designed to look similar. Stefanko also points out that the current version of the virus can only spread via WhatsApp, but can quickly spread through other social media as well as through chat groups / channels.

If you download and install the app offered there, it misleads the user into granting notification access, the draw-over-other-apps permission and the permissions required to run in the background. The malicious program then uses its notification access to reply to WhatsApp messages received on the phone, and so tries to spread to the phones of the person’s friends.

Although the message is sent to the same contact only once per hour, the contents of the message and the link to the app are retrieved from a remote server, which increases the risk that the malware may be used to spread other malicious websites and applications.

Stefanko said the exact mechanism by which it reaches the initial set of directly infected victims is not clear. It should also be noted that wormable malware can potentially expand extremely rapidly from a few devices to many others.

The app also holds the draw-over-other-apps permission, so it can act as an overlay on other apps and collect your passwords, credit-card data and anything else you enter.

It would be wise to pay close attention to APK side-loading, especially when a link sent by friends appears to lead to a well-known store such as the Google Play Store.
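As an added example (not from the original article or from ESET), the following Python functions show one way to check whether a link in a received message really points at the Google Play Store rather than at a lookalike site or a direct APK download. The trusted host list, the brand tokens and the sample messages are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: only the Play Store web front end counts as the genuine store.
TRUSTED_STORE_HOSTS = {"play.google.com"}
# Assumption: illustrative strings a lookalike URL might borrow.
BRAND_TOKENS = ("play.google", "google-play", "googleplay")
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def classify_link(url):
    """Return 'store', 'suspect' or 'other' for a single URL."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".").lower()
    except ValueError:  # malformed authority, e.g. an unclosed IPv6 literal
        return "suspect"
    # Only an exact host match over HTTPS is the real store. The host is what
    # follows any "user@" part, so "play.google.com@apps.example" is apps.example.
    if parts.scheme == "https" and host in TRUSTED_STORE_HOSTS:
        return "store"
    if parts.path.lower().endswith(".apk"):
        return "suspect"  # direct APK download, i.e. side-loading
    if any(token in url.lower() for token in BRAND_TOKENS):
        return "suspect"  # borrows the store's name but is not the store
    return "other"


def scan_message(text):
    """Return (url, verdict) for every http(s) link found in a message."""
    urls = (m.group(0).rstrip(".,;:!?)") for m in URL_RE.finditer(text))
    return [(u, classify_link(u)) for u in urls]


# Constructed sample messages; the .example hosts are placeholders.
SAMPLE_MESSAGES = [
    "Get the app here: https://play.google.com.apps.example/store/apps/details?id=x.",
    "Mirror: https://play.google.com@apps.example/store",
    "Direct file: https://files.example/mobile.apk",
    "Real listing: https://play.google.com/store/apps/details?id=com.whatsapp",
]

if __name__ == "__main__":
    for message in SAMPLE_MESSAGES:
        for url, verdict in scan_message(message):
            print(f"{verdict:8} {url}")
```
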
