Spoofed Whatsapp site delivers polymorphic SMS Trojan
Posted on 24.01.2014
The more popular an online service or an app is, the more likely this popularity will be misused by cyber crooks to trick users into downloading malware or sharing personal and financial information.

The rising popularity of the Whatsapp instant messaging service is a perfect example, as cyber criminals around the world are constantly setting up schemes misusing the service's good standing.

The latest example, spotted by Malwarebytes' researchers, comes in the form of a website offering the app to Russian-speaking users.


The site is a spoof of the service's official site, and looks pretty convincing. It apparently offers versions of the app for iOS, Android, Nokia, Windows Phone, and Blackberry.

In this case only users with devices running Android are in danger, as the offered app is actually an Android SMS Trojan. Once installed on the device, the malware starts sending pricy text messages to a premium rate number.

"The Trojan itself has been around for a while, but the malware authors are serving up polymorphic files, which change with each visit," the researchers noted.

"The changes involve strings like the package name and java classes. The overall code and data flow remains the same. This tactic isnít necessarily aimed at the user, but to avoid detection by AV vendors."











Spotlight

Most popular Android apps open users to MITM attacks

Posted on 21 August 2014.  |  An analysis of the 1,000 most popular free Android apps from the Google Play store has revealed a depressing fact: most of them sport an SSL/TLS vulnerability that can be misused for executing MITM attacks, and occasionally additional ones, as well.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Aug 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //