Hackers have started a new campaign in which they have chosen WhatsApp as the primary malware-distributing platform. In this campaign, hackers are distributing the malware through 2 files namely “NDA-ranked-8th-toughest-
According to IBTimes, Android users in India are the key targets of this new WhatsApp scam. However, there isn’t any particular operating system that is being cited as the most affected one. It is worth noting that these sorts of malware campaigns are usually designed to work on Google’s operating system instead of the iOS.
The reason why Indian android OS users are frequently being targeted by hackers in such campaigns is that Indian market is very popular for low-cost, cheap Android smartphones that run on older versions of the android OS.
Hackers are attacking two key organizations in India to compel users to click on the word documents attached in the malicious WhatsApp message. This message has names of two major organizations of India namely National Defense Academy/NDA and National Investigation Academy/NIA. These files are in Excel format mainly but versions of these files in Word and PDF formats have also been identified.
Authorities in India have already issued security alerts to the concerned authorities since it is being speculated that this new campaign attacks law enforcement authorities and military personnel in the majority. “It has been analyzed that the men and women in defense, paramilitary and police forces could be the target groups,” believe security officials in India.
According to the Economic Times, the NIA and NDA are very popular organizations in India as well as abroad; there is a high level of curiosity about the way these organizations function among masses, which is why people are so interested in opening the infected attachments on WhatsApp. At the moment it isn’t clear what else this malware performs when the files are opened and if WhatsApp has taken any action in this regard to prevent users from getting affected.
This is not the first time when Indian defense sector has come under sophisticated online scam. Last year, TrendMirco, an IT security firm exposed Pakistan linked hackers targeting military officials through a spear-phishing mechanism. Before that, Google even removed an Android app “SmeshApp” after receiving an official complaint from the government of India that Pakistani hackers have been spying on Indian military through that app.
That’s not all, the Indian government also blamed Pakistan for using malware infected gaming and music apps to spy on the smartphones of military officials. However, in the latest scam, India has not officially blamed Pakistan or any other country.
If you want to prevent the threat then you must never click on unknown links regardless if these have been received through authentic platforms such as WhatsApp. Remember, today, it is the Indian users being infected and tomorrow it can be you. So be careful and never download apps from a third-party store.