Security experts from antivirus ESET company warned about a new attack on users of WhatsApp messenger. Under the guise of the web version of messenger is distributed Trojan.
Attackers send out e-mail letters of invitation to download the desktop application WhatsApp Web, issued by the manufacturer at the end of January 2015. Referring to users, scammers use social engineering techniques.
Messages contain a link, supposedly leading to the official website of WhatsApp. Actually clicking the user goes to another site where download the executable file WhatsAppInstall.exe. Under this name hides a Trojan Downloader Win32/TrojanDownloader.VB.QRM. After installation, the Trojan loads on the infected computer other malware. Antivirus products ESET NOD32 detects it as Win32/Spy.Banker.ABOD – spyware software designed to steal authentication data online banking.
Experts have found that this malware was created in Brazil. This attack can be directed at users from other countries. This is not the first attempt by cybercriminals to take advantage of the popularity of WhatsApp messenger, the number of users which in January 2015 exceeded 700 million people. Last year, a vulnerability was discovered in the wildly popular messaging app WhatsApp, which allows anyone to remotely crash WhatsApp just by sending a specially crafted message. There was information on how to steal WhatsApp chats with instruction included.