Beware of a new Whatsapp virus campaign which claims that your Whatsapp has expired. We spotted this Whatsapp virus while we were surfing the web. The Whatsapp virus uses multiple domains to lure unaware users into their scam which will get the devices of those users infected with unwanted programs and malware.
But it is not only Whatsapp which this “group” or “person” is targeting, we noticed that they have malformed Adobe domains, which they can use to spread fake Adobe updates and fixes.
The domains below should be considered dangerous and malicious – do not navigate to those sites if you do not know what you are doing (friendly warning)
The domain oloooo.com triggered our attention, but the Whatsapp virus is also operating (or has operated) via the following domains:
- 2015-12-17 so978.com
- 2015-12-16 www.cncufe.com
- 2015-12-05 www.oloooo.com
- 2015-11-17 web.whatsapp.cm
- 2015-11-06 gusthepug.com
- 2015-10-27 oloooo.com
- 2014-06-20 adobaaoan.us
- 2014-06-18 adobooan.us
- 2014-06-14 adoboon.us
- 2014-06-14 download.adoboaoon.us
- 2014-06-14 download.flash.com.ukflash.club
- 2014-06-14 download.flash.com.uktracks.club
- 2014-06-14 www.adobooan.us
- 2014-06-12 adobaaon.us
- 2014-06-12 download.adobooaan.us
- 2014-06-10 adobaoaob.us
- 2014-06-10 adobooaba.us
- 2014-06-10 download.adobaaoan.us
- 2014-06-10 download.adobaaon.us
- 2014-06-10 download.adobooan.us
The domains which are shown above all resolved to IP 126.96.36.199.
It is strongly advised to be aware of these scams, hoaxes and hack attempts – Whatsapp is a free application, and it will stay free.