WhatsApp Pink Malware Description
A new mobile Trojan was caught being distributed through bait WhatsApp messages posted in group chats. The threat was named WhatsApp Pink because that is the bait used to trick users into clicking the distributed link - the hackers promise that users will be able to turn the usual green color scheme of the application into pink. They also allege that some unspecified new features also will be implemented. Additional legitimacy is added to the fraudulent messages by posing as an official update.
However, downloading the WhatsApp Pink APK file that is at the end of the link found in the message, delivers a malware threat onto the user's mobile device. Analysis of the threat revealed that, at least for the moment, it is designed to target Android systems only, so iOS users are safe from being infected.
The hackers can use the WhatsApp Pink malware to perform a variety of nefarious actions on the compromised devices. They can lock them, harvest sensitive data and exfiltrate it, or access the user's contact list and start sending more fake messages to further expand the reach of their malware tool.
To minimize the chances of falling for tactics such as this one, users should remember to avoid downloading and installing applications from any sources that are not the official App stores of Google and Apple. Android users can take advantage of a nifty feature that will prevent any application or process apart from the Google Play Store from installing software on their devices. To enable it, open the 'Settings' menu and go to 'Apps & Notifications.' Next, open 'App Access' followed by 'Install Unknown Apps.' All that is left now to choose 'Not Allowed'for each listed application.