Fake "new voicemail" notification targets Android WhatsApp users
Posted on 16.09.2013
Malware peddlers have decided to bank on the popularity of the WhatsApp cross-platform IM app for smartphones in order to get users to install malicious apps on their devices, Trend Micro researchers warn.

The attack starts with a fake WhatsApp notification delivered via email, claiming that the user has received new voicemail:


Pressing the Play button will redirect users to different malicious sites depending on which device they use to view the email.

In the case of PC users, they will be taken to a site that warns them that they should download an update for their browser. Fortunately for them, the offered browser_update_installer.jar file is a Java file for the mobile version, and can't do much damage on a PC.

iPhone users that haven't jailbroken their devices are likewise safe, because the downloaded app can't be installed from a source that isn't Apple's official app store.

Android users are obviously the primary target, as they are urged to download the browser_update_installer.apk file disguised as a browser named “Browser 6.5”.

When started, the "app" tries to make the user agree with the terms of the download to continue. Unfortunately, if they do that the app will send text messages to specific premium rate phone numbers, and will also try to convince them to download another app malicious app.









Spotlight

Infographic: 25 years of the firewall

Posted on 24 July 2014.  |  The firewall turned 25, and McAfee is celebrating with an infographic that creatively depicts its lifetime. If you take a moment to scan the infographic, you’ll notice the firewall's introduction and evolution coincide with certain security events.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Jul 25th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //