Spoofed Whatsapp site delivers polymorphic SMS Trojan
Posted on 24.01.2014
The more popular an online service or an app is, the more likely this popularity will be misused by cyber crooks to trick users into downloading malware or sharing personal and financial information.

The rising popularity of the Whatsapp instant messaging service is a perfect example, as cyber criminals around the world are constantly setting up schemes misusing the service's good standing.

The latest example, spotted by Malwarebytes' researchers, comes in the form of a website offering the app to Russian-speaking users.


The site is a spoof of the service's official site, and looks pretty convincing. It apparently offers versions of the app for iOS, Android, Nokia, Windows Phone, and Blackberry.

In this case only users with devices running Android are in danger, as the offered app is actually an Android SMS Trojan. Once installed on the device, the malware starts sending pricy text messages to a premium rate number.

"The Trojan itself has been around for a while, but the malware authors are serving up polymorphic files, which change with each visit," the researchers noted.

"The changes involve strings like the package name and java classes. The overall code and data flow remains the same. This tactic isnít necessarily aimed at the user, but to avoid detection by AV vendors."











Spotlight

How to keep your contactless payments secure

Posted on 19 September 2014.  |  Fraudsters can pickpocket a victimís financial data using low-cost electronics that can fit into a rucksack. Here are the top security threats you should be aware of if youíre using a RF-based card, along with our top safety tips to keep your payments secure.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Sep 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //