A new breed of malware is targeting WhatsApp users who are suspicious of potentially cheating partners, according to an exclusive report handed to ITProPortal by security firm Malwarebytes.
The potentially harmful cocktail of malware poses as a tool that claims to be able to "grab" the messages of any WhatsApp user, and promises to help you "find out if your spouse is cheating on you, etc."
The scurrilous hackers are also using widespread low confidence in WhatsApp's security protocols in order to snare users. The site, registered at http://whatsapp-hack.in, claims in broken English that "Due to the low security WhatsApp applies to their servers, we can get it and extract easy any conversation."
It also reassures users that "While you are using you are 100% protected, your victims will not see any changes or suspect behaviour on their acount."
That's where users get caught out. Once downloaded, the ostensible WhatsApp exploit shows the following message: "WhatApp patched this version. Click OK to start update."
Already two alarm bells should be ringing:
- WhatsApp is misspelled "WhatApp"
- There is no cancel button.
As you've probably guessed, hitting OK runs another executable, called update.exe.
If not connected to the Internet, the file will crash at that point. Otherwise, users see an installer that requires them to install Mobogenie, a potentially unwanted program (PUP) that various monetisation programs bundle with third-party installers, and an irritating browser extension called DefaultTab, along with other PUPs that work together to clog up affected computers.
And guess what? The claimed message-grabber still doesn't work. You've been had.
WhatsApp is big news lately, with its acquisition by Facebook for $19 billion. As such, its fans have become targets for those unscrupulous individuals looking to make a bit of fast cash at their expense.
Don't be caught out!