Microsoft has warned WhatsApp users in India about high-risk Android malware that can compromise sensitive information and even give hackers control over infected devices. The threat, DogeRAT, is a remote access Trojan first brought to light by cybersecurity startup CloudSEK. It is designed to gain unauthorized access to infected smartphones and can be disguised as apps like ChatGPT, Opera Mini and even as “premium versions” of YouTube, Netflix, and Instagram. Once downloaded, it can gain unauthorized access to contacts, messages, and banking credentials.
The attack uses social engineering tactics, impersonating a legitimate organization such as a bank, government agency, or utility to trick the victim into downloading the malicious app onto their device. Once the user installs the app, it allows attackers to connect to a server controlled by them and carry out their instructions. This can lead to unauthorized transactions, identity theft, and other cyber-attacks.
Affected users can take several steps to protect themselves. First, they should ensure their smartphone is up to date and that they have installed all available security updates. They should also ensure they only download apps from reputable sources and are careful about the permissions they grant to apps. Finally, they should use security features such as multi-factor authentication to help protect their accounts.
While business impersonation is not a new type of scam, it has become popular amongst cybercriminals and can devastate your reputation. These attacks can be carried out through email, SMS, social media, and live video calls. Here are some of the most common ways in which they are used:
Whether running a small or large business, online impersonation attacks can hurt your bottom line and brand. Learn more about how these attacks work and how to prevent them from impacting your business.
WhatsApp users in India are particularly at risk of being targeted by scammers, as the country represents 4 out of every ten global digital payments and has a national digital ID program known as Aadhaar that covers nearly all its citizens. Microsoft warned in a blog post that the country’s massive population of WhatsApp and Android users could be susceptible to deceptive social media messages, encouraging them to download malware.
The company’s blog post notes that the latest WhatsApp version is now available and includes a scanning feature to help detect such messages. In addition, the update addresses an integer overflow vulnerability that could allow attackers to execute code in a video call on a compromised system. The company recommends that all users update their WhatsApp app to the latest version.