We are all whats app fans to a point of even using it on a computer for an app that was initially supposed to be used on a mobile platform. Everyone who gets a smartphone has Whats App on their phones, but hold your horse. Well Brazilian cyber felons have cooked up a banking malware targeting WhatsApp on the computer, known as “Whatsapp for Computers” app.
The malware was delivered through an email delivery campaign alerting users that messaging app Whatsapp was now on PC encouraging them to download it as their friends were already waiting for them to accept their invitations.
When you click the download link, it takes you through several redirections until you download the Trojan software with various anti-debugging features. At the end of it all this malware will download the banking Trojan.
How does it work?
According to Kaspersky lab’s expert Dmitry Bestuzhev, the malware can be clearly identified as Brazilian and works by sending stolen data in the Oracle DB format.
“Once running, the malware reports itself to the cybercriminals’ infections statistics console and when open, a local port 1157 sends stolen information in the Oracle DB format. In addition, it downloads new malware into the system; some samples are 10Mb in size,” he says. “This is the classic style of a Brazilian-created malware.”
The worrying bit is that none of the banks identified as vulnerable have patched their vulnerabilities even if they had been given a heads up.