Customers warned to beware suspect emails disguised as WhatsApp content
WhatsApp users are being urged to be vigilant about what links they click on following the reveal of a malware campaign specifically targeting the instant messaging service.
Researchers from security firm Comodo found that users are being hit by random malware attacks from cybercriminals looking to target as many WhatsApp customers as possible.
Mainly disguised as official emails from WhatsApp itself (with an example pictured below), indicating that the user has a missed call, audio recording or notification, the malware spreads when an attachment is clicked on, infecting the user’s PC.
The malware is a variant of the “Nivdort” family, which usually replicates itself into different system folders, adding itself into an auto-run in the computer’s registry, Comodo says.
“Cybercriminals are becoming more and more like marketers – trying to use creative subject lines to have unsuspecting emails be clicked and opened to spread malware,” said Fatih Orhan, director of technology for Comodo and the Comodo Antispam Labs.
“As a company, Comodo is working diligently in creating innovative technology solutions that stay a step ahead of the cybercriminals, protect and secure endpoints, and keep enterprises and IT environments safe.”
Sadly this is not the first time that the security of WhatsApp, which has over a billion users across the world, has come under scrutiny.
Back in February, supposedly built-in flaws in the privacy features of WhatsApp were revealed by a Dutch developer, which apparently allowed users’ status and other information to be tracked by anyone, regardless of how strict their privacy settings are.
In addition to this, last October, researchers at security firm Check Point revealed that up to 200 million users of the WhatsApp Web service, which allows users to receive their WhatsApp messages on their PC, could be at risk of having malware installed on their machines without them knowing.
“Tricking people into visiting hostile websites or open malicious documents is still an extremely common and successful means of hacking companies. It is no surprise that attackers have moved from using email, Facebook and LinkedIn to popular messaging services like WhatsApp,” commented Dave Palmer, director of technology at security firm Darktrace.
“As digital business communications become more diverse and increasingly hard to secure companies need an ability to spot in-progress attacks that are already inside their complex networks. This can only be achieved by using self-learning immune systems that can spot unusual behavior no matter how novel the attack method.”
Are you a security expert? Try our quiz!