WhatsApp has announced that it has reached the milestone of two billion users on February 12th. These users are now exposed to a recurring security risk. This risk revolves around a warning spreading over a malicious WhatsApp message that first appeared in 2016. The warning, which spread virally as these things are in the habit of doing, involved an alleged WhatsApp invitation to upgrade to WhatsApp Gold. Accept the invitation and users will be asked to click on a download link, which in turn would install malware on their device. Obviously this special edition app never existed. Nor, as far as I know, the WhatsApp invitation that people warned or, indeed, any payload of malware. It was, dear reader, a hoax. A viral hoax that existed, to all intents and purposes, only to spread to as many users as possible. And now he’s back, and there are security implications, which is why I am warning, erm, about the warning.
WhatsApp Gold, Martinelli and the dancing Pope
The current WhatsApp hoax message, which states that the warning has been announced on BBC news, urges people not to click on a message to update to WhatsApp Gold. In addition, he asks the recipient to inform all his contacts not to open a video that is called in a bizarre way “Dance of the Pope” as it is malware that will format their smartphone. Another variant of the same hoax warns readers not to open a video called “Martinelli” as “hacking the phone and nothing will solve it”. These WhatsApp message buffaloes are the modern equivalent of the old chain letter that pushed the reader to send copies to ten people, or something terrible would happen. Not surprisingly, the Dance of the Pope, Martinelli or WhatsApp Gold messaging has now started to spread on social media as well.
The clues that it is a hoax are all there, as information security veteran Graham Cluley said: “There is no mention of the mobile operating system the malware is running on. There is no link to the BBC report. News reported to have warned the virus. “
The security implications of hoax message distribution
So, you’re probably thinking, just ignore it and move on. Even if you are surprised and shared with others, there is nothing wrong, no foul, right? Mistaken. The real problem with this type of deceptive messaging that goes viral is that it can turn into what it claims to be: a malware distribution tool. All types of cybercriminals will use whatever theme captured the zeitgeist of the time. We have unfortunately seen that currently with ransomware gangs targeting healthcare professionals with coronavirus-related phishing baits and the FBI’s warning of a significant spike in such COVID-19 cyber scams. The more people send the hoax update message alert to others, the more likely the alert itself will include a link to real malware. In fact, it was reported that hacking from the world’s richest man’s smartphone was started with malware sent via a WhatsApp message.
“It is certainly possible that malicious attachments can wreak havoc on phones,” says Jake Moore, an IT security specialist at ESET, “as happened with Jeff Bezos.” Usually, I would say that it is essential to validate any message with the sender before forwarding it to anyone. However, in the case of WhatsApp Gold, the sender believes it to be accurate, otherwise they wouldn’t have sent it in the first place. “There is enough fake news going around without it containing,” says Moore, “so if you ever see a message that requires it to be transmitted, then resist the temptation, eliminate it and make the sender aware of the spread of this misinformation.”
To stay safe, WhatsApp said it encourages users to “think carefully before deciding to share something. Ask yourself: would you like others to see what you’ve sent?”