Publish Forum topic Publish your post to the cyberwarzone forum for free and no registration!

WhatsApp virus send by email

Beware of you receive an email which claims to be send from your Whatsapp client / device. Screenshots have been released which shows how cybercriminals are trying to infect unaware internet users by claiming that they have received “A Sound Memo”.

The attack focusses on unaware users which are using their email client. The potential victims receives an email which claims that someone has left an audio message on their Whatsapp client. To make it easier for the victim, the “audio message” has been included in the mail as an attachment.

Once the user clicks and opens the attachment, the user will be infected with the “Kazy Trojan” which is an virus that has been build with the Metasploit module on Kali Linux.

This Trojan allows the attacker to fully control the infected device, meaning that personal, financial and classified information can be stolen by a single click.

In this particular case, the malware communicates with the following domains via port 80:

  1. thickoclock.net
  2. classoclock.net
  3. movementshore.net
  4. outsideshore.net
  5. movementwritten.net
  6. outsidewritten.net
  7. movementdollar.net
  8. outsidedollar.net
  9. movementrealize.net
  10. outsiderealize.net
  11. buildingshore.net
  12. eveningshore.net
  13. buildingwritten.net
  14. eveningwritten.net
  15. buildingdollar.net
  16. eveningdollar.net
  17. buildingrealize.net
  18. eveningrealize.net
  19. storeshore.net
  20. mightshore.net
  21. storewritten.net
  22. mightwritten.net
  23. storedollar.net
  24. mightdollar.net
  25. storerealize.net
  26. mightrealize.net
  27. doctorshore.net
  28. prettyshore.net
  29. doctorwritten.net
  30. prettywritten.net
  31. doctordollar.net
  32. prettydollar.net
  33. doctorrealize.net
  34. prettyrealize.net
  35. fellowshore.net
  36. doubleshore.net
  37. fellowwritten.net
  38. doublewritten.net
  39. fellowdollar.net
  40. doubledollar.net
  41. fellowrealize.net
  42. doublerealize.net
  43. brokenshore.net
  44. resultshore.net
  45. brokenwritten.net
  46. resultwritten.net
  47. brokendollar.net
  48. resultdollar.net
  49. brokenrealize.net
  50. resultrealize.net
  51. prepareshore.net
  52. desireshore.net
  53. preparewritten.net
  54. desirewritten.net
  55. preparedollar.net
  56. desiredollar.net
  57. preparerealize.net
  58. desirerealize.net
  59. strengthshore.net
  60. stillshore.net
  61. strengthwritten.net
  62. stillwritten.net
  63. strengthdollar.net
  64. stilldollar.net
  65. strengthrealize.net
  66. stillrealize.net
  67. movementcharacter.net
  68. outsidecharacter.net
  69. movementladder.net
  70. outsideladder.net
  71. movementboard.net
  72. outsideboard.net
  73. movemententer.net
  74. outsideenter.net
  75. buildingcharacter.net
  76. eveningcharacter.net
  77. buildingladder.net
  78. eveningladder.net
  79. buildingboard.net
  80. eveningboard.net
  81. buildingenter.net
  82. eveningenter.net
  83. storecharacter.net
  84. mightcharacter.net
  85. storeladder.net
  86. mightladder.net
  87. storeboard.net
  88. mightboard.net
  89. storeenter.net
  90. mightenter.net
  91. doctorcharacter.net
  92. prettycharacter.net
  93. doctorladder.net
  94. prettyladder.net
  95. doctorboard.net

whatsapp-virus

In the screenshot above, you can see how the “malicious Whatsapp” mail tries to lure unwanted actions from the potential victim.

Please spread the word :)

  • RSS
  • Follow by Email
  • Facebook
  • Google+
    http://cyberwarzone.com/whatsapp-virus-send-by-email/">