A new type of malware called 'Sorvepotel' is spreading through the popular messaging app WhatsApp. Cybersecurity firm Trend Micro said it is harmful software that sends out a large number of spam messages from infected accounts. Its aim is not theft or ransom from the user, but it puts other accounts at risk.
How does this malware work?
According to researchers, Sorvepotel spreads mainly through computers running the Windows operating system. First, cyber criminals send a ZIP file disguised as an attractive message or offer. The message asks the recipient to open the file.
Once the user opens the file, the malware becomes active and sends the same harmful file to the victim's contacts and groups through WhatsApp Web. As a result, the malware spreads to many accounts in a moment.
Because of this automated spam, many users' WhatsApp accounts are being permanently banned for sending spam messages.
The most dangerous aspect
The most dangerous aspect of Sorvepotel is its automatic infection process. When WhatsApp Web is launched on the infected computer, the malware begins sending messages from the user's account. This makes the fraud difficult to prevent, because it works automatically, without human intervention.
Trend Micro's analysis suggests that after the malware is activated, a PowerShell script connects to an external server, from which it can subsequently download more harmful material or take control of the user's device.
How to prevent it
To prevent such fraud, users need to change some habits:
1. Do not open files or links sent from unfamiliar sources.
2. Turn off the 'Auto Download' feature, so that no files reach the device without permission.
3. After logging in to WhatsApp Web, log out when you have finished using it.
4. Keep antivirus and security software up to date and act quickly if there is suspicious activity.
According to cyber security analysts, popular platforms like WhatsApp are now among the targets of cyber criminals. Therefore, awareness, scrutiny and caution can be the best protection for staying safe online.
References: The Hacker News