WhatsApp users are the new target of a new malware attack, the Comodo Antispam Labs (CASL) team says.
Comodo pushed out a blog post revealing that cybercriminals are sending phony emails disguised as official messages from WhatsApp. These phishing emails, which specifically target consumers and businesses using the messaging service, come packed with a new malware.
"As part of a random phishing campaign, cybercriminals are sending fake emails representing the information as official WhatsApp content to spread malware when the 'messages' is clicked on," says Comodo.
These bogus WhatsApp emails come from rogue email addresses of the attackers. If users scrutinize the email addresses sending the messages, they can verify that these are not legitimately sent by the company.
Subject Lines Used By Hackers
For them to successfully infect users' computers, the attackers are using an assortment of subject lines.
The moment you receive emails with these subjects, be sure not to click on them:
• An audio memo was missed. Ydkpda
• You have obtained a voice notification xgod
• A short vocal recording was obtained npulf
• A brief audio recording has been delivered! Jsvk
• You have a video announcement. Eom
• A sound announcement has been received sqdw
• You've recently got a vocal message. Yop
• A brief video note got delivered. Atjvqw
One distinctive characteristic of the subjects is that each of them ends with a few random letters, such as "Yop" or "Eom," which are purportedly used to identify the receiver of the email and encode data.
"Nivdort" Family Variant
The CASL believes the malware is a "Nivdort" family variant. The email comes with a zip or compressed file attachment that includes the malware executable file. Upon executing the attachment, the malware then infects the user's computer.
Like Marketers
Fatih Orhan, the director of technology for Comodo and the CASL, says hackers are becoming more creative like marketers. They use catchy subject lines in their bogus emails so users will click on the emails and unknowingly execute the malware.
Orhan promises that Comodo is boosting its efforts in coming up with new technologies that "stay a step ahead" of the attackers, safeguard endpoints and protect IT environments and businesses.
In October last year, we reported on a new scam designed to deceive users of Apple products into handing over their personal information to cybercriminals.
The scam also involved an email sent to victims. The email promises victims a refund for the expensive app they never purchased. It also requests them to provide their credit card information to cancel the phony transaction.