WhatsApp virus

WhatsApp virus is a term used for a variety of malware and scams directed towards this popular communications app

WhatsApp scam
WhatsApp virus is a cyber infection that affects WhatsaApp users. It is a scam that targets their personal details or aims to infect victims devices with malware.

WhatsApp scam
WhatsApp virus is a cyber infection that affects WhatsaApp users. It is a scam that targets their personal details or aims to infect victims devices with malware.

WhatsApp virus is an umbrella term describing a wide range of computer threats and scams related to this app. Also, there are numerous scams relying on misleading messages and warnings that try to make users click on unsafe links, register on suspicious websites, enter private information or inject malware directly to their device. 

WhatsApp is one of the most used communication apps in the world which provides end-to-end encryption for private messaging. Unfortunately, bad actors are quick to abuse it. Most prevalent threats have been including “Martinelli” and “Olivia hoax” scams. However, the recent shocking discovery made by security experts reports about a severe WhatsApp virus 2019 vulnerability which helps hackers to install the Pegasus spyware[1] and access users’ camera, microphone, emails, messages, and other private data.[2]

Whatsapp Martinelli 2020 scam is a hot topic currently, as users reported that the scam message is being distributed again. Allegedly, it warns about the upcoming Whatsapp “Martinelli” video and WhatsApp Gold that users will be delivered a private message about, and that they should not click on links, as they will infect their phones with a virus and “nothing will fix it.”[3]

Name WhatsApp virus
Type Scam, malware, fraud
Distribution Infiltrates systems together with fake apps or via infected links/messages

The activity of the infection might vary greatly, as it depends on what type of virus you are dealing with. Common malware infection symptoms include high battery consumption on a mobile device, heat issues, slowdowns, software crashes, redirects to suspicious websites, etc. On the other hand, scams are generally not dangerous, as long as you do not click on provided links.

Malicious activity

The man goal of WhatsApp virus is to either acquire personal/sensitive information from users or make them install malware

  • WhatsApp GhostCtrl virus
  • WhatsApp voice message Trojan virus
  • WhatsApp Gold scam
  • WhatsApp trial service scam
  • “Update WhatsApp” Messenger virus
  • Adidas Whatsapp scam
  • “Olivia” message with the pornographic picture
  • WhatsApp Martinelli warning scam
redirects to domain w.whatsaappp.com
Removal To eliminate the threat from your device, use anti-malware software. You should also reinstall WhatsApp app on your device and install all updates provided by the developer

The original WhatsApp messaging application is not malicious or dangerous. It does not belong to the category of computer viruses. WhatsApp is a popular free messaging application compatible with iPhone, Android, BlackBerry, Windows, and other mobile operating systems. Currently, its user database reaches over 1.2 billion users,[4] so there’s no wonder that scammers and malware creators are inventing ways to benefit from that.

At the moment, there are several types of WhatsApp viruses acting almost in the same way. In most of the cases, cybercriminals seek to trick their victims into installing a Trojan,[5] or other malware, and swindle confidential information. For this reason, they display fake alerts filled with bank logos and similar details that look genuine.

Typically, the WhatsApp virus infects the system as an additional component and then starts illegal activity behind the user’s back. Therefore, it is not enough to simply remove WhatsApp from the computer in order to solve the problem. And security flaws in the program’s code are not helping the situation.

Last year, the University of California researcher Tobias Boalter detected a backdoor which enabled unauthorized and unmonitored access to the app. This vulnerability allowed decrypting the secure end-to-end message encryption, making it possible for hackers to read through victims’ conversations.[6] Of course, the flaw was quickly patched up but is there any guarantee that such zero-day will not emerge in the future?

Even if WhatsApp deals with its security issues, there are numerous other ways to use the app for malicious purposes. In this article, we will introduce some of the currently active threats, try to determine how they reach devices and, finally, discuss WhatsApp virus removal options. If you are a user of Android, you should be able to find useful information in the Android virus elimination guide as well.

WhatsApp virus illustration
WhatsApp virus comes in a variety of shapes and sizes. In the image above you can see a couple of examples of the virus versions.

WhatsApp virus illustration
WhatsApp virus comes in a variety of shapes and sizes. In the image above you can see a couple of examples of the virus versions.

WhatsApp virus versions

Just like with any other communications platform WhatsApp gets a fair share of interest from cybercriminals and trolls. While some hoaxes may lead to a full infection of the device, some are just there to be passed on, although initially provide no benefit for anyone – the biggest example is Whatsapp Martinelli 2020 scam, which keeps recurring each year, scaremongering confused users.

WhatsApp GhostCtrl virus

GhostCtrl is a Trojan that may disguise itself as a variety of different programs, including WhatsApp. When installed, the fake WhatsApp app will take over control of the device. Hackers may then start collecting any information they want, be it call logs, text messages, numbers on your contacts list, phone’s GPS location or web browsing history.

On top of that, WhatsApp GhostCtrl virus has the ability to enable/disable phone’s microphone and camera, meaning that you can be spied on both online and in real life. The fake app looks like a regular application. Thus it might be difficult to detect. Thus, you should always download apps only from reputable sources.

WhatsApp voice message Trojan virus

If you received a voice message from WhatsApp in your email, it is most likely that you are being targeted by scammers. The subject name of such spam emails says “Missed voicemail,” while the letter itself contains fabricated information on when the message was received and a link to play it.

Unfortunately, clicking the “Play” button will not get you anywhere but a malicious website that will try to trick you into installing one of WhatsApp viruses, such as Browser 6.5. Such programs are likely to be infected with ransomware or similar viruses, so you should be extremely careful!

WhatsApp Gold scam

It is yet another fraud scheme designed to trick credulous users into downloading malicious software disguised as a new WhatsApp feature. In particular, scammers have been spreading around messages urging victims to upgrade their accounts to WhatsApp Gold[7] premium version. The problem is that such a version does not exist.

When users click on the link indicated in the message, it immediately redirects them to malware-ridden sites and exposes users to a great risk of getting their devices infected.

While the WhatsApp Gold scam circulated the internet since 2016, it seems to continually make its re-appearances on Twitter and other social networks. In January 2019, users are again promised new features (new emojis, video calling, and similar) if they download a so-called premium service, which in reality would upload malware onto the device.

Various social networks are filled with fake message examples that should serve as a warning to users. In fact, ever Surrey Police tweeted on Sunday, warning about dangers of WhatsApp Gold:[8]

If you get a message saying to upgrade to ‘WhatsApp Gold’, do not click on it as you will be allowing a virus to be downloaded. Ignore the message and delete it – WhatsApp do their updates automatically.
#WhatsAppGold #WhatsApp #InternetSafety

WhatsApp Gold scam

WhatsApp Gold scam

WhatsApp trial service scam

Similar to the previously mentioned scam, WhatsApp trial service fraud is based on sending victims fake messages claiming that their one-year trial has expired and that the user must subscribe to extend it.

To get users hooked on this bogus offer, scammers encourage victims to connect to a “customer portal” and sign in using your WhatsApp login details. Then victims are then asked to provide their banking details to purchase a monthly or yearly subscription of the service. Of course, the submitted information lands in the hands of hackers which may charge you immense amounts of money for the services that don’t exist.

“Update WhatsApp” Messenger virus

On November 2017, security experts reported about malicious Update WhatsApp Messenger available on Google Play.[9] The application has been downloaded more than a million times. Fortunately, it was removed.

Cybercriminals created a visually similar app and managed to bypass Google’s security. They used the name of the developer, logo and other credentials in order to trick Android users that it’s the original app. However, there was a difference. Criminals added Unicode character space after the WhatsApp Inc. name. However, this minor change is hard to detect for ordinary users.

However, later unknown malware developers changed the name of the app to “Dual Whatsweb Update.” Additionally, the name of the developer was also removed. Though, it did not help to remain on Google Play store.

This WhatsApp virus version was used for displaying ads and installing other applications on the user’s Android phone. Users who downloaded WhatsApp updates from Google Play are suggested to check their smartphones’ security using anti-virus or anti-malware program. The malicious app may have installed spyware or other dangerous components on the system.

Adidas Whatsapp scam

Free Adidas shoes scam
WhatsApp users were promised a free pair of Adidas shoes to allegedly celebrate 93rd anniversary.

Free Adidas shoes scam
WhatsApp users were promised a free pair of Adidas shoes to allegedly celebrate 93rd anniversary.

Free Adidas shoes scam is another cleverly engineered hoax that targeted users worldwide, combing two big names – Adidas and WhatsApp. Users could get a message at any time via the app, promising a free pair of shoes. It stated:

Adidas is giving away 3,000 Free Pair of Shoes to celebrate its 93rd anniversary. Get your free shoes at: Adidas.com/shoes

Users were promised 3,000 shoe pairs for free, all they had to do is follow what seemed like a legitimate link to the official website. However, it is just a scam aiming at harvesting personal data of unsuspecting users.

Adidas was quick to deny these claims, saying that genuine giveaways are only available on the official website. However, researchers reported that the spoofed site was relatively popular considering Alexa rank, which means that thousands of victims could have had their personal details stolen without realizing it.[10]

“Olivia” message with the pornographic picture

The second week of September 2018 came with the news of WhatsApp scammers returning with a new campaign that targets children specifically. The first message appears to be from a person that claims to have a changed number and later on calls themselves “Olivia.” Children who receive the message have no clue who that is, and when asked, criminals offer to send the picture of themselves. Suddenly, a link is dropped to pornographic content. 

This incident came to light when Cheshire police in the UK asked people to check the phones of their children if they are using WhatsApp. This number from overseas concerned Halton Brook Police too and people replied to their Twitter post with various screenshots containing the same pattern of Olivia messages. 

WhatsApp Martinelli warning

WhatsApp Martinelli scam is one of the most notorious hoaxes around – it began years ago by an unknown individual, and users keep spreading the false message around, believing that it is true. Each year, the scam claims more victims, as many believe that, due to the message, their phones have been infected with malware.

The anonymous message typically warns about the Martinelli video, which allegedly will wipe their phone and it will be unfixable. Users are then asked to forward the message as the sign of courtesy – a typical statement that plays with humans emotions. The message reads as follows:

If you know anyone using WhatsApp you might pass on this. An IT colleague has advised that a video comes out tomorrow from WhatsApp called martinelli do not open it , it hacks your phone and nothing will fix it. Spread the word. If you receive a message to update the Whatsapp to Whatsapp Gold, do not click !!!!!
Now said on the news this virus is difficult and severe

Pass it on to all

While Martinelli video is a hoax and does not exist, the warning about Whatsapp Gold is actually accurate. Nevertheless, security experts from Sophos[11] ask users to discard the message entirely and not to pass it on to anybody.

The origins of WhatsApp Martinelli warning are unknown, although it was first spotted in Spain back in 2016. Additionally, there are several variants of the text message, but the content remains the same. Nevertheless, if you noticed WhatsApp Martinelli 2020 scam on your phone, never forward it to anybody and inform the sender that he or she has been tricked by a chain message hoax to prevent more people from being victims of it.

Whatsapp Martinelli scam
Whatsapp Martinelli scam is a recurring hoax that asks users to pass on the message to others

Whatsapp Martinelli scam
Whatsapp Martinelli scam is a recurring hoax that asks users to pass on the message to others

Cybercriminals use multiple ways to spread smartphone virus

There are a variety of different ways to get infected with malware:

  • You may click on an infectious add or link while browsing the web
  • Download malicious applications from sources outside official app stores
  • Receive a malicious link inside WhatsApp application itself
  • Receive a spam email containing a malicious link

To stay safe, you have to learn to be more skeptical about things. Security experts from Norway[12] suggest no to hurry to click on suspicious links, stay away from shady ads, be careful when opening email attachments and remember that WhatsApp will never contact you outside the app. If they do, it’s probably a scam.

The elimination of the WhatsApp viruses

Depending on a type of virus, you might need to employ different techniques to remove WhatsApp virus from your device.
In some cases, it might be enough to eliminate the damaged files by using an anti-virus which suits your OS. If it is infected with the malware, you might also need to restore the phone’s default settings or reinstall the application to complete full WhatsApp virus removal. Additionally, take a look at our useful tips on how to remove the virus from the Android device on our site.

You may remove virus damage with a help of Reimage Reimage Cleaner Intego. SpyHunter 5Combo Cleaner and Malwarebytes are recommended to detect potentially unwanted programs and viruses with all their files and registry entries that are related to them.

Reimage Intego has a free limited scanner. Reimage Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.

This entry was posted on 2020-03-20 at 04:03 and is filed under Malware, Viruses.