New Year’s Virus: a WhatsApp attack to hack iOS and Android devices

In the holiday season, there is often an increase in the activity of online hackers and fraudsters. In recent years WhatsApp has been one of the main target platforms for threat actor groups; this time, users and ethical hacking experts have reported a campaign tracked as “New Year Virus”.

The campaign consists of sending messages via WhatsApp that contain links to malware-infested external sites, which poses a security risk to any user of the mobile app or web-based platform of the world-famous messaging service.

Usually, these malicious links are disguised as welcome messages to some platform that may interest the target user. In addition to malicious content, users are also exposed to malicious advertising (malvertising), mainly with the aim of extracting login credentials, ethical hacking experts report.

Although this is a really simple fraudulent scheme and requires the combination of multiple variants to work, it could be really profitable for attackers, due to the huge number of WhatsApp users worldwide. There is also a track record that demonstrates how easily a scam can spread via messaging services.

The messaging service is a frequent target of such attacks, so Facebook, the company that owns it, is already preparing a series of updates to limit malicious use of the service, mainly in chat groups. One such update is the periodic removal of old messages, in an attempt to limit the amount of spam circulating on the platform. However, ethical hacking specialists point out that it is difficult for this to happen in the same way for conversations between only two users.

Another measure implemented a few months ago is to set a limit on the number of times a message can be forwarded by the same user, primarily as a way to combat the spread of fake news or misinformation.

More than one billion people worldwide use WhatsApp, so threat actor groups can invest a minimum amount of resources to deploy a malicious campaign of major scope, as reported by experts from the International Institute of Cyber Security (IICS).

On previous occasions hackers have also used other ways to attract users’ attention, such as posting supposed job offers or QR codes, although essentially the attack always involves redirecting the victim to a malicious site.