Spoofed Whatsapp site delivers polymorphic SMS Trojan
Posted on 24.01.2014
The more popular an online service or an app is, the more likely this popularity will be misused by cyber crooks to trick users into downloading malware or sharing personal and financial information.

The rising popularity of the Whatsapp instant messaging service is a perfect example, as cyber criminals around the world are constantly setting up schemes misusing the service's good standing.

The latest example, spotted by Malwarebytes' researchers, comes in the form of a website offering the app to Russian-speaking users.


The site is a spoof of the service's official site, and looks pretty convincing. It apparently offers versions of the app for iOS, Android, Nokia, Windows Phone, and Blackberry.

In this case only users with devices running Android are in danger, as the offered app is actually an Android SMS Trojan. Once installed on the device, the malware starts sending pricy text messages to a premium rate number.

"The Trojan itself has been around for a while, but the malware authors are serving up polymorphic files, which change with each visit," the researchers noted.

"The changes involve strings like the package name and java classes. The overall code and data flow remains the same. This tactic isnít necessarily aimed at the user, but to avoid detection by AV vendors."











Spotlight

Biggest ever cyber security exercise in Europe is underway

Posted on 30 October 2014.  |  More than 200 organisations and 400 cyber-security professionals from 29 European countries are testing their readiness to counter cyber-attacks in a day-long simulation, organised by the European Network and Information Security Agency (ENISA).


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 31st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //