A cybersecurity researcher warns of an app disguised as WhatsApp that can hijack a targeted device.
In an unusual campaign, WhatsApp users receive a message about an update and links to a download page of an app called WhatsApp Pink. The page claims that the app turns the popular chat’s theme from its trademark green to pink. Besides a new look, it also promises undisclosed ‘‘new features.”
The alert first has been published on Hackread. According to the media site, cyber experts warned WhatsApp users to refrain from opening the links that distribute WhatsApp Pink. The message is shared on popular WatsUp forums and is presented as an official update from WhatsApp.
According to Hackread journalists, if a user falls for the scam and clicks on the malicious link, their phones might get hacked and their Whatsapp account may be hijacked. Multiple WhatsApp users have shared the link unknowingly thus helping to spread teh scam, Hackread.com wrote.
A cybersecurity expert Rajshekhar Rajaharia, was the first to alert about the new scamming campaign and warned WhatsApp users on his Twitter account.
“Beware of WhatsApp Pink!! A Virus is being spread in Whatsapp groups with an APK download link. Don’t click any link with the name of #WhatsappPink. Complete access to your phone will be lost.”
It is worth reminding that it is never wise to install any APK or mobile app other than those available on the official App store of Google or Apple or the developer’s website.
Such unofficial apps can be infected with malware that would steal your data, including credentials, photos, SMS, contacts, etc. for attackers to later compromise your phone or use it in phishing attacks.
Main page of the malicious website (Image: Rajshekhar Rajaharia)
When contacted, Whatsapp said to Hackread, “Anyone can get an unusual, uncharacteristic or suspicious message on any service, including email, and anytime that happens we strongly encourage everyone to use caution before responding or engaging. On WhatsApp in particular, we also recommend that people use the tools that we provide within the app to send us a report, report a contact, or block contact.”