WhatsApp announced that it had hit the two billion user milestone on February 12. Those users are now being exposed to a recurring security risk. That risk revolves around a warning that spread about a malicious WhatsApp message that first appeared back in 2016. The warning, which spread virally as these things have a habit of doing, involved a supposed WhatsApp invitation to upgrade to WhatsApp Gold. Accept the invite, and users would be asked to click a download link, which in turn would install malware on their device. This special edition app never, of course, existed. Nor, as far as we can tell, did the WhatsApp invitation that people were warning about or, indeed, any malware payload. It was, dear reader, a hoax. A viral hoax that existed, for all intents and purposes, just to spread to as many users as possible.
The current WhatsApp hoax message, which claims the warning was announced on BBC news, urges people not to click on a message to update to WhatsApp Gold. It also then requests the recipient to inform all their contacts not to open a video that is bizarrely called “Dance of the Pope” as it’s malware that will format their smartphone. Another variation of the same hoax warns readers not to open a video called “Martinelli” as doing so “hacks your phone and nothing will fix it.” These hoax WhatsApp messages are the modern equivalent of the old chain letter that urged the reader to send copies on to ten people, or something terrible would happen to them. Unsurprisingly, the Dance of the Pope, Martinelli, or WhatsApp Gold messaging has now started spreading on social media as well.
The clues that this is a hoax are all right there, as information security veteran, Graham Cluley, said that there’s no mention of what mobile operating system the malware runs on. There’s no link to the BBC News report which it is claimed warned about the virus.
The real problem with this kind of hoax messaging that goes viral is that it can then turn into what it purports to be: a malware distribution tool. All sorts of cybercriminals will use whatever theme has captured the zeitgeist of the time. We have sadly seen that currently with ransomware gangs targeting healthcare workers with coronavirus-related phishing lures, and the FBI warning of a significant spike in such COVID-19 cyber-scams. The more people pass the hoax upgrade message warning on to others, the more likely it is that the warning itself will include a link to real malware. Indeed, it has been reported that the smartphone hacking of the world’s richest man, was initiated with malware sent via a WhatsApp message.
Jake Moore, a cybersecurity specialist at ESET, said that it is certainly possible for malicious attachments to cause havoc on phones just like what happened with Jeff Bezos. He further added that there’s enough fake news going around without this to contend with. So if anyone ever see a message that requests it to be passed on, then resist the temptation, delete it and make the sender aware of this misinformation spreading.
WhatsApp has said that they are encouraging users to be more careful about sharing the posts or content with everyone. According to them the users should ask themselves twice if they actual want everyone to see what they are sharing in order to stay safe.
1,050 total views, 6 views today