A malware is found that sends automated replies to messages on WhatsApp and other major chat apps. Eager to know what it is? Yes, as the name suggests, it is Whatsapp Pink!
What is Whatsapp Pink?
“WhatsApp Pink is an updated version of the WhatsApp auto-reply worm we wrote about in January. The Trojan’s updated version doesn’t auto-reply just to WhatsApp messages, but also to messages received on other instant messaging apps, which could be the reason for its apparent wider spread,” said Stefanko, the Malware Researcher from the ESET security community.
This was first announced through a tweet by Rajshekhar Rajaharia as Beware of @WhatsApp Pink!!
“A Virus is being spread in #WhatsApp groups with an APK download link. Don’t click any link with the name of WhatsApp Pink. Complete access to your phone will be lost. Share with All..”
How does the Malware Work?
The Trojan replies with a link to a website from which it could be downloaded automatically to the messages received in apps such as WhatsApp, WhatsApp Business, Signal, Skype, Viber, Telegram, and one of the various unofficial, third-party versions of WhatsApp.
Masked as an official update for the chat app, the “WhatsApp Pink” theme shows up for download but in reality, it is a variant of malware. That said, Stefanko warned that this might be a “test version”, and we may see a more malicious variant further down the road.
Google Playstore could download this app, and the malware does request permission to access the user’s notifications. Once the installation process is completed, and the user clicks on “WhatsApp Pink”, the app hides, claiming that it was never even installed. The victim will then receive a message, to which they will have to reply to cause it to propagate further unwittingly.
What to do if Whatsapp Pink is already downloaded?
Suppose you have downloaded “WhatsApp Pink; you can either remove it through Settings and the App Manager submenu or install a full-featured Android security solution that will scan your device and remove it automatically.
Ways of Prevention:
- Never click on links or attachments that you received via an unsolicited message
- Only download apps from the official app
- Always use a reputable mobile security solution
Be cautious of what kinds of permissions you grant to applications.