“This malware spreads via the victim’s WhatsApp, automatically replying to any WhatsApp message notification with a link to a fake and malicious Huawei Mobile app”Lukas Stefanko, ESET Malware Researcher
The message that is spreading the malware reads “Download This application and Win Mobile Phone”
The malware is supposedly luring victims into downloading a fake Huawei app from a website that looks like the Play Store. Once installed the wormable malware then prompts whoever downloads and installs it to grant it notification access permission. The malware does this so it can use Android’s quick reply to automatically send messages to anyone who texts you.
“Combining these two features, the malware can effectively respond with a custom message to any received WhatsApp notification message”Lukas Stefanko, ESET Malware Researcher
On top of that, the malware can also influence other applications and this could be especially dangerous considering all the sensitive information we store on our phones.
According to Lukas Stefanko, the malware is pretty crafty because it spreads via WhatsApp messages when the last received message by the victim was sent more than an hour ago. He believes this is done so that it doesn’t arouse suspicion among the victim’s contacts, since receiving a link as a response to every message might cause the recipient to be concerned.