used to spread Whatsapp malware

Home – Latest Cyberwar News Forums Malware & Phishing research used to spread Whatsapp malware

This topic contains 3 replies, has 2 voices, and was last updated by  r-p 1 year, 6 months ago. This post has been viewed 10391 times

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
  • #47070 Reply


    Beware of the domain, is being used by cybercriminals to spread malware.

    Once you navigate to the full domain, you will see that an NGINX server is running.

    The malicious links which are currently active on

    The environment seems to be setup in order to obtain personal information from unaware internet users. The links which have been listed above – lead to pages which demand personal information and actions from the visitor.

    We strongly advice everyone to be aware of this malicious domain and to surf the web with care.

    More information about the malicious history of “” can be found at VirusTotal:

    #47078 Reply

    Andriod user

    I guess my phone is somehow infected by this appflv malware. I’ve never visited the site but keep getting a pop-up that automatically redirects me to the webpage when I use Google Chrome. Any idea how I am supposed to remove this?

    #47080 Reply


    For me it is still unclear from where this pop-up is activated. I think the only way to be certain is to remove applications from your device which you have recently installed..

    #47082 Reply


    Phone received a new motherboard, so it was clean a week ago (Android 5 on S4)
    I installed:
    Coindozer and Coindozer Seasons
    Galaxy Chargong Current *Free*
    CSR racing

    I already have this message again… like I did before the boardswap on Android 4.
    So assuming it is from an app, then those are likely suspects.
    I hope I didn’t overlook an installed app and am pointing fingers at the wrong apps…

Viewing 4 posts - 1 through 4 (of 4 total)
Reply To: used to spread Whatsapp malware
Your information: