Categories

Security Threat

WhatsApp Spam Campaign Leads to Malware

You’ve probably heard by now of Facebook purchasing the popular messaging application WhatsApp was recently purchased for the sum of $19 billion, a rather impressive figure.

Whatsapp

What you probably haven’t heard, however, is that engineers at security firm Trend Micro recently uncovered a spam campaign taking advantage of this acquisition.

According to Trend Micro, the spam email advertises a new WhatsApp Desktop client for Windows and Mac OSX, although no such client exists.

facebookspamImage: Trend Micro

The email directs user to a download to what Trend Micro refers to as TROJ_BANLOAD.YZV, which in turn downloads the banker called TSPY_BANKER.YZV (Trojan.Banker.CPL with Malwarebytes Anti-Malware).

Engineers at Trend Micro estimate the campaign targets users in Brazil, based on the use of the Portuguese language, malware involved, and recent research.

Criminals never waste an opportunity, as proven here and many other instances. However, remaining alert for scams and spam emails that may lead to potential malware infections will keep you safe from threats like those mentioned herein.

Read the blog from Trend Micro here.

_________________________________________________________________
Joshua Cannell is a Malware Intelligence Analyst at Malwarebytes where he performs research and malware analysis. Twitter: @joshcannell


  • david moore

    Nice analysis. Not directly on target but a new/old malware was making the rounds — the updated invoice scam with a payload that is attempting (it says) to launch a program called Pacifist. Are you guys interested and if so how to send you the message (with Base64 “zipped” executable attachment)?

  • Pingback: WhatsApp Hack Promises Messages, Delivers PUPs | Malwarebytes Unpacked

Subscribe to our YouTube Channel