This WhatsApp upgrade warning message is not all it seems
WhatsApp announced that it had hit the two billion user milestone on February 12. Those users are now being exposed to a recurring security risk. That risk revolves around a warning that spread about a malicious WhatsApp message that first appeared back in 2016. The warning, which spread virally as these things have a habit of doing, involved a supposed WhatsApp invitation to upgrade to WhatsApp Gold. Accept the invite, and users would be asked to click a download link, which in turn would install malware on their device. This special edition app never, of course, existed. Nor, as far as I can tell, did the WhatsApp invitation that people were warning about or, indeed, any malware payload. It was, dear reader, a hoax. A viral hoax that existed, for all intents and purposes, just to spread to as many users as possible. And now it is back, and there are security implications, which is why I’m warning, erm, about the warning.
WhatsApp Gold, Martinelli and the Dancing Pope
The current WhatsApp hoax message, which claims the warning was announced on BBC news, urges people not to click on a message to update to WhatsApp Gold. It also then requests the recipient to inform all their contacts not to open a video that is bizarrely called “Dance of the Pope” as it’s malware that will format their smartphone. Another variation of the same hoax warns readers not to open a video called “Martinelli” as doing so “hacks your phone and nothing will fix it.” These hoax WhatsApp messages are the modern equivalent of the old chain letter that urged the reader to send copies on to ten people, or something terrible would happen to them. Unsurprisingly, the Dance of the Pope, Martinelli, or WhatsApp Gold messaging has now started spreading on social media as well.
The clues that this is a hoax are all right there, as information security veteran, Graham Cluley, said: “There’s no mention of what mobile operating system the malware runs on. There’s no link to the BBC News report which it is claimed warned about the virus.”
The security implications of hoax message distribution
So, you are probably thinking, just ignore it and move on. Even if you do get caught out and have shared with others, it’s no harm, no foul, right? Wrong. The real problem with this kind of hoax messaging that goes viral is that it can then turn into what it purports to be: a malware distribution tool. All sorts of cybercriminals will use whatever theme has captured the zeitgeist of the time. We have sadly seen that currently with ransomware gangs targeting healthcare workers with coronavirus-related phishing lures, and the FBI warning of a significant spike in such COVID-19 cyber-scams. The more people pass the hoax upgrade message warning on to others, the more likely it is that the warning itself will include a link to real malware. Indeed, it has been reported that the smartphone hacking of the world’s richest man, was initiated with malware sent via a WhatsApp message.
“It is certainly possible for malicious attachments to cause havoc on phones,” Jake Moore, a cybersecurity specialist at ESET, says, “like what happened with Jeff Bezos.” Ordinarily, I would say it’s vital to validate any messages with the sender before forwarding to anyone. Still, in the case of WhatsApp Gold, the sender believes it to be accurate, or they wouldn’t have sent it in the first place. “There’s enough fake news going around without this to contend with,” Moore says, “so if you ever see a message that requests it to be passed on, then resist the temptation, delete it and make the sender aware of this misinformation spreading.”
To stay safe, WhatsApp has said that it encourages users “to think carefully before you decide to share something. Ask yourself: would you want others to see what you’ve sent?”