This malicious campaign appears to be designed by hackers to generate revenue by spamming your smartphone with adverts. It tempts users by sending them a link to a fake Android mobile app, usually combined with a message like “download this application and win Mobile Phone”. Users who click on the link are directed to a website that looks like the Google Play Store. The app looks like the official Huawei Mobile app, and while installing it asks for notification access. This feature allows Android apps to read all notifications posted by the Android operating system. It is used by a wide variety of legitimate apps, but this scam app abuses the privilege to access WhatsApp’s quick reply feature and spam anyone who sends you a message with the same download link that you fell for.
ESET security researcher Lukas Stefanko tweeted about the new attack. Lukas Stefanko (@LukasStefanko) wrote “This malware spreads via victim’s WhatsApp by automatically replying to any received WhatsApp message notification with a link to [a] malicious Huawei Mobile app. The message is sent only once per hour to the same contact.”
Lukas Stefanko considers it to be one of the first breeds of malware designed to use the Android quick reply feature to spread between WhatsApp contacts.
Ray Walsh, Tech Expert at ProPrivacy, said, “This is the first worm type attack that spreads via WhatsApp messages, and what is concerning is that it could actually be expanded to work with other messengers that leverage Android’s quick reply feature too. Users are reminded that they should not download any apps unless they have found them in the official app store, and to remember never to download any apps after clicking on links in a WhatsApp message.”
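As an added example (not part of the original article), the Python sketch below shows one way to audit a device for the condition described above: an app that holds notification access but was not installed by the Play Store. The two adb commands named in the comments are real; their outputs and all package names here are constructed samples.

```python
# Added example: list apps with Android notification access whose installer
# is not the Play Store. All sample data below is constructed.
PLAY_STORE = "com.android.vending"

# Constructed output of:
#   adb shell settings get secure enabled_notification_listeners
SAMPLE_LISTENERS = ("com.example.smartwatch/com.example.smartwatch.NotifService:"
                    "com.example.sideloaded/.ReplyService")

# Constructed output of: adb shell pm list packages -i
SAMPLE_PACKAGES = """\
package:com.example.smartwatch  installer=com.android.vending
package:com.example.sideloaded  installer=null
package:com.example.chat  installer=com.android.vending
"""

def parse_listeners(setting_value):
    """Return package names from the colon-separated component list."""
    pkgs = set()
    for component in setting_value.strip().split(":"):
        if "/" in component:  # skips "null" or empty when nothing is enabled
            pkgs.add(component.split("/", 1)[0])
    return pkgs

def parse_installers(pm_output):
    """Map package name -> installer package (None when reported as null)."""
    installers = {}
    for line in pm_output.splitlines():
        fields = line.strip().removeprefix("package:").split()
        if not line.strip().startswith("package:") or not fields:
            continue
        installer = None
        for field in fields[1:]:
            if field.startswith("installer="):
                value = field.split("=", 1)[1]
                installer = None if value == "null" else value
        installers[fields[0]] = installer
    return installers

def flag_listeners(setting_value, pm_output, trusted=(PLAY_STORE,)):
    """Return (package, installer) pairs that need manual review."""
    installers = parse_installers(pm_output)
    return [(pkg, installers.get(pkg))
            for pkg in sorted(parse_listeners(setting_value))
            if installers.get(pkg) not in trusted]

if __name__ == "__main__":
    for pkg, installer in flag_listeners(SAMPLE_LISTENERS, SAMPLE_PACKAGES):
        print(f"review: {pkg} has notification access, installer={installer}")
```

Preinstalled system apps can also report a null installer, so a flagged entry is a prompt for review rather than proof of compromise.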