WhatsApp Pink Malware Can Auto-Reply to Multiple Messaging Apps

whatsapp pink malware

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email

An Android worm named WhatsApp Pink malware has been found spreading and targeting WhatsApp users in the Indian subcontinent.

The worm has been updated with advanced capabilities that can automatically respond to messages received on multiple instant messaging apps.

What has happened

A security researcher has warned WhatsApp users of a new malware spreading via WhatsApp group messages containing links to scam sites. The app promotes itself to be a pink-themed version of WhatsApp.

  • The malicious application is spreading via malicious links appearing within messages that read: Apply New Pink Must-Try New WhatsApp. http://XXXXXXXX/?whatsapp. 
  • When a user clicks on the link, they will be redirected to a page where they can download the WhatsApp Pink malware APK. The page has a download button that, when clicked, downloads the malicious file, WhatsappPink[.]apk. 
  • This worm is in fact a variant (detected as Android/Spams.V) of another malware, a fraudulent Huawei app, that was spotted earlier this year. It can auto-reply to messages received on Signal, Viber, Skype, and Telegram.

Recent attacks on WhatsApp 

In recent months, there had been several incidents where malware mimicked legitimate WhatsApp applications or threat actors used malicious links to spread and infect unsuspecting users with malware.

  • A threat group, Arid Viper, was found using 41 phishing sites to spread its Android spyware with snooping features. The spyware pretended to be fake versions of messaging apps WhatsApp and Threema.
  • Recently, Check Point Research discovered the FlixOnline malware hidden in a fake application on Google Play. The malware has the ability to propagate itself via users’ WhatsApp messages.


Researchers surmise that this latest variant of Whatsapp Pink malware could be just a test and they hinted that more variants may be spotted in the near future. Thus, users who have downloaded this malicious app can remove it from the Settings and App Manager submenu. In addition, users should scan their Android device with an anti-malware app.

Subscribe To Our Newsletter

More To Explore

Wanna take it to the next level?

drop us a line and let's get started

We're Here To help

Feel free to contact us, and we’ll be more than happy to answer all of your questions.

a2Da Digital

a2Da Digital is a brand of a2Da Enterprises

Ahtri 12
10151 Tallinn, Estonia

[email protected]

+372 712 4283
Hours : 08:00 to 18:00 Mon – Fri
Support 24×7 Submit a Ticket Here
Registered in Tallinn, EE : 14740580
VAT : EE102279616

By completing this form, you consent to a2Da Digital, in its capacity as data controller, collecting your data in order to be able to respond to your message. To assert your right of access or removal, see our Privacy Policy.

Notre entreprise est un collectif de personnes extraordinaires dont le seul objectif est de construire les solutions dont vous avez besoin.

Des interlocuteurs disponibles, compétents et à votre disposition pour vous aider à définir vos besoins et les traduire en outils performants et faciles à utiliser.

Nous répondons à vos demandes au plus vite de manière claire et compréhensible.

Contactez nous à [email protected] avec vos questions.

Nous maintenons nous même notre matériel 24/7 et avons construit une infrastructure sécurisée, efficace et fiable.

Ceci nous permet de vous proposer des produits adaptés à tous les budgets et à forte valeur ajoutée.

Nous ne revendons pas des packs d’hébergement… Nous disposons de nos propres serveurs, maintenus, mis à jour et gérés par nos propres équipes.