Security Affairs
FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

WhatsApp Pink malware spreads via group chat messages

A WhatsApp malware dubbed WhatsApp Pink is able to automatically reply to victims’ Signal, Telegram, Viber, and Skype messages. A WhatsApp malware dubbed WhatsApp Pink has now been updated, authors have implemented the ability to automatically respond to victims’ Signal, Telegram, Viber, and Skype messages. WhatsApp Pink is a fake app that was first discovered this week, […]

Wi-Fi

A WhatsApp malware dubbed WhatsApp Pink is able to automatically reply to victims’ Signal, Telegram, Viber, and Skype messages.

A WhatsApp malware dubbed WhatsApp Pink has now been updated, authors have implemented the ability to automatically respond to victims’ Signal, Telegram, Viber, and Skype messages.

WhatsApp Pink is a fake app that was first discovered this week, it poses as a “pink” themed version of the legitimate app. The tainted app includes malicious code that allows attackers to fully compromise a device, most of the infections were reported by WhatsApp users in the Indian subcontinent

The security expert Rajshekhar Rajaharia recently discovered that WhatsApp Pink is able to spread via group chat messages that contain APK download links.

The link shared via group messages points to a page where visitors can download the WhatsApp Pink APK (WhatsappPink.apk).

Early this year, the ESET malware researcher Lukas Stefanko discovered an Android malware implementing wormable capabilities, like WhatApp Pink, it was spreading through WhatsApp chat messages.

Below the video shared by Stefanenko showing WhatsApp Pink:

https://www.instagram.com/reel/CN10sNGg2b8/?igshid=ayxxmsjaobv0

“This updated version of the Trojan does not send automatic responses only to messages that arrive from WhatsApp, but also to messages received in other instant messaging applications, which could be the reason for its apparent wider spread,” said Stefanko.

“The Trojan sends these automatic responses to any message that the user receives in applications such as WhatsApp, WhatsApp Business, Signal, Skype, Viber, Telegram.”

Once the app is installed on the device, when the user will click on its icon, the app disappears claiming that it was never even installed.

“The victim will then receive a message, to which they will have to reply in order to unwittingly cause it to propagate further.” reads the post published by ESET.

Experts from ESET speculate the app is under development, it could be a “test version,” and more malicious variants could be developed in the future.

The good news is that Android users that have installed the WhatsApp Pink app can simply remove it from the Settings and the App Manager submenu.

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, WhatsApp)

[adrotate banner=”5″]

[adrotate banner=”13″]