Mobile Banking Malware Sent As A Fake WhatsApp Update
We’re always happy when we hear that the developers of WhatsApp are releasing a new update and we rush to install it, in order to test out the new features. But there’s a saying: “not all that glitters is not gold”, and not every message you receive on your phone comes from well intended sources. There are some hackers who took advantage of the naivety of a few WhatsApp users, sending them a message with a fake update which promises better features. More about this type of malware we’ll tell you bellow.
According to the Association of Banks in Singapore (ABS), around 50 WhatsApp users from Singapore who have received the message in the past three months have fell victims to this malware. The hackers have made various online purchases worth a couple of hundred dollars, but some users lost even thousands of dollars. This happened after the hackers intercepted one-time passwords (OTP) sent by banks to the targeted numbers, which have been used for online purchases, such as budget airline tickets.
The users were receiving a message with a fake WhatsApp update and the users were tricked that if they will not install it, they will lose access to this application. This is one of the successful methods used by the hackers and they were relying on their naivety of these users who were attracted by the fake promise of receiving a battery management module.
When the users were asked to download the update, the damage was made before the download was initiated, which means that the hackers no longer required the victims to enter their credit card details. The malware automatically had access to their credit card information and they were able to intercept the OTP messages which have been sent to their smartphones.
If this type of attack will be spread worldwide, we advise you to be more cautious and to not tap on anything that seems suspicious. Don’t enter your information such as your credit card details, if you’re being asked.
If you want to install a new WhatsApp update, go to the official website and download the latest beta version, or if you want the stable version, head to the Google Play store, iTunes or to the official store of the rest of the supported platforms.