14 DAY TRIAL // With the recent announcement that WhatsApp would no longer be restricted to mobile devices and its features would become available on desktop computers as well, cybercriminals were quick to create a lure to entrap some of the more than 700 million users of the service.
On January 21, WhatsApp CEO Jan Koum informed that the application, so popular on mobile platforms, had a web client that could be used from Google Chrome in order to access all the conversations and messages from the mobile device.
Banking Trojan delivered in Brazil
Even if the CEO explained that the web client was just a web page mirroring the original content that was still cached on the phone, cybercriminals took advantage of the news and devised new forms of attack, tricking users with fake downloads purporting to be the desktop variant of the app.
Security researchers from Kaspersky found myriads of examples online, targeting users from all parts of the world.
In Brazil, they noticed a fake download promising WhatsApp for Windows, which delivered banking Trojans to the victims’ computers. Multiple domains had been set up, some active, others waiting for their turn.
In a different case, the crooks attempted to fool unsuspecting users to add a suspicious extension for Google Chrome posing as the messaging app, says Fabio Assolini of Kaspersky.
Getting a phone number is sometimes the goal
Versions for Spanish and Arabic language speakers were also on the list of fake downloads, all vowing to bring to the PC the same experience users were accustomed to on the mobile device.
In some cases, getting the coveted file was gated by some request, such as providing the mobile phone number. With it, cybercriminals can start sending spam or they can subscribe the victim to premium-rate services, Assolini says.
An unsolicited message could also include links to malicious locations. These are often masked by using a link shortening service such as Bit.ly or Goo.gle. When the recipient launches the link, they are taken to a page hosting malware or services that attempt to score a subscription.
Moreover, there have been cases where the landing page hosted a fake message alerting of a malware infection and offering users a “useful” phone number where they could talk to tech support in order to find a solution to the problem.
Regardless of the incentives dropped in these messages and pages, it is recommended to access WhatsApp for the web from the official website; simply pairing the mobile device with the web browser may not exactly be what one wants, but at least it is the safe way to go.
