Hackers are targeting unsuspecting users with a new type of mobile virus that spreads through legitimate-looking word documents sent via WhatsApp, which could then steal sensitive information from users, including online banking credentials and other data.
The WhatsApp con almost certainly targets Android users. IBTimes doesn’t mention the operating system explicitly in its report, but malware like this typically only works on Google’s operating system and not the iPhone. Furthermore, these “WhatsApp viruses” have only been discovered in India so far, a market where low-end Android smartphones running older versions of Android are very popular.
Hackers are taking advantage of two big organizations in the region to convince users to click on the message attachment. The malicious WhatsApp messages contain names of major organizations in India including NDA (National Defense Academy) and NIA (National Investigation Agency). The documents that circulate via messages are typically in Excel format, although Word and PDF files have been reported as well. The documents are able to access personal data on the phone, including banking credentials and PIN codes.
Central security services in India have issued a notification to defense and security establishments in the region. It’s believed the attack targets people in uniform.
“As these two organizations are very popular and known within the country and abroad and there is a curiosity about them, it is possible that it may affect the mobile phones of people interested in these subjects,” officials told the Economic Times. “However, it has been analyzed that the men and women in defense, paramilitary and police forces could be the target groups.”
It’s unclear at this time what else this virus does on a phone or tablet, or whether WhatsApp is taking any action to prevent the scam.
A recent report profiled what must be one of the scariest examples of Android malware at work. Russian intelligence targeted Ukrainian army with an Android virus that turned the devices the military used for targeting their artillery pieces into tracking devices that could transmit the troops’ exact position.
As always, the best way to protect your data is to avoid clicking on dubious links, no matter how you receive them, and limit app use to applications downloaded from official app stores.