Spoofed Whatsapp site delivers polymorphic SMS Trojan
Posted on 24.01.2014
The more popular an online service or an app is, the more likely this popularity will be misused by cyber crooks to trick users into downloading malware or sharing personal and financial information.

The rising popularity of the Whatsapp instant messaging service is a perfect example, as cyber criminals around the world are constantly setting up schemes misusing the service's good standing.

The latest example, spotted by Malwarebytes' researchers, comes in the form of a website offering the app to Russian-speaking users.


The site is a spoof of the service's official site, and looks pretty convincing. It apparently offers versions of the app for iOS, Android, Nokia, Windows Phone, and Blackberry.

In this case only users with devices running Android are in danger, as the offered app is actually an Android SMS Trojan. Once installed on the device, the malware starts sending pricy text messages to a premium rate number.

"The Trojan itself has been around for a while, but the malware authors are serving up polymorphic files, which change with each visit," the researchers noted.

"The changes involve strings like the package name and java classes. The overall code and data flow remains the same. This tactic isnít necessarily aimed at the user, but to avoid detection by AV vendors."











Spotlight

USBdriveby: Compromising computers with a $20 microcontroller

Posted on 19 December 2014.  |  Security researcher Samy Kamkar has devised a fast and easy way to compromise an unlocked computer and open a backdoor on it: a simple and cheap ($20) pre-programmed Teensy microcontroller.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Dec 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //