WhatsApp Pink Malware Can Auto-Reply to Multiple Messaging Apps

whatsapp pink malware

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email

An Android worm named WhatsApp Pink malware has been found spreading and targeting WhatsApp users in the Indian subcontinent.

The worm has been updated with advanced capabilities that can automatically respond to messages received on multiple instant messaging apps.

What has happened

A security researcher has warned WhatsApp users of a new malware spreading via WhatsApp group messages containing links to scam sites. The app promotes itself to be a pink-themed version of WhatsApp.

  • The malicious application is spreading via malicious links appearing within messages that read: Apply New Pink Must-Try New WhatsApp. http://XXXXXXXX/?whatsapp. 
  • When a user clicks on the link, they will be redirected to a page where they can download the WhatsApp Pink malware APK. The page has a download button that, when clicked, downloads the malicious file, WhatsappPink[.]apk. 
  • This worm is in fact a variant (detected as Android/Spams.V) of another malware, a fraudulent Huawei app, that was spotted earlier this year. It can auto-reply to messages received on Signal, Viber, Skype, and Telegram.

Recent attacks on WhatsApp 

In recent months, there had been several incidents where malware mimicked legitimate WhatsApp applications or threat actors used malicious links to spread and infect unsuspecting users with malware.

  • A threat group, Arid Viper, was found using 41 phishing sites to spread its Android spyware with snooping features. The spyware pretended to be fake versions of messaging apps WhatsApp and Threema.
  • Recently, Check Point Research discovered the FlixOnline malware hidden in a fake application on Google Play. The malware has the ability to propagate itself via users’ WhatsApp messages.


Researchers surmise that this latest variant of Whatsapp Pink malware could be just a test and they hinted that more variants may be spotted in the near future. Thus, users who have downloaded this malicious app can remove it from the Settings and App Manager submenu. In addition, users should scan their Android device with an anti-malware app.

Subscribe To Our Newsletter

More To Explore

Wanna take it to the next level?

drop us a line and let's get started

We're Here To help

Feel free to contact us, and we’ll be more than happy to answer all of your questions.

a2Da Digital

a2Da Digital is a brand of a2Da Enterprises

Ahtri 12
10151 Tallinn, Estonia

[email protected]

+372 712 4283
Hours : 08:00 to 18:00 Mon – Fri
Support 24×7 Submit a Ticket Here
Registered in Tallinn, EE : 14740580
VAT : EE102279616

By completing this form, you consent to a2Da Digital, in its capacity as data controller, collecting your data in order to be able to respond to your message. To assert your right of access or removal, see our Privacy Policy.

Our company is a collective of amazing people striving to build solutions you need.

Actual people, easy to contact and who know what they are doing, these are the members of the team you will deal with.
We all speak French and English and will be able to answer all your questions as quickly as possible.
Just drop an email at [email protected] with your question.

We have both eyes on our equipment, update and maintain it ourselves 24/7 and have constructed an architecture that we believe is sound, secured, efficient and cost effective. We own our servers, we do not resell hosting packages!