We can do more and more things with our mobile in Spain, leading to us having more and more personal information and becoming an attractive target for cyber attackers. Although in recent years the safer systems are still not entirely infallible and we can still fall, like this new scam that could come to you through WhatsApp.
This WhatsApp message takes you to a fake Google Play and installs a virus
A few hours ago an ESET researcher published a new attack campaign via WhatsApp. It is a malicious application that stands out in that, once it has taken control of your mobile, it is able to send itself to your WhatsApp contacts, something very rare.
The attack itself takes advantage of our ability to accept the weakness of the human being to click and accept everything that is put in front of us. The link sent by WhatsApp is similar to the URL that the link of a Google Play application would have, but it is a false link that takes us to an application store. Again, a fake copy of Google Play in which pressing install downloads a fake APK from Huawei.
Despite the fact that the fraudulent application has a lot of power on our mobile, it uses permissions that we have granted ourselves.
Once this file is downloaded, it asks us manually to grant it permission to show itself on other applications, to ignore battery optimizations and allow the application to access our notifications. Without realizing it, we have given a lot of power to this application so that it is able to do whatever it wants on our mobile.
ESET warns that the fraudulent application, once it takes control of our mobile, is capable of replicating itself, sending said message to our contacts through WhatsApp, the only application through which it sends said message. However, the application would be prepared to also send this message through other messaging applications such as Telegram.
The entry Do not open this WhatsApp message: it takes you to a fake Google Play that infects your mobile appears first in The Free Android.