If you ever receive an email notification saying that you missed a call on Viber, make sure that you don’t open it. The users of this free calling and texting platform are now being attacked by new dangerous malware Asprox Botnet. They are being tricked to receive the malicious content by sending them a notification for a missed call or message with the body containing a link to what it says as a recorded audio. The link would even contain information such as the time and date of the ‘missed’ call but the URL that it directs the user to is an infected web server.
The Criminals Behind the Malware
According to researchers of malware, the criminals who developed and spread Asprox Botnet on emails of Viber users are professionals in the field because they were able to hide the malicious nature by taking special precautions that include verification of the web browser, the IP address and not allowing of multiple tries.
If all the requirements are met, the Trojan is then installed and downloaded to the handset that by the time that it is launched it will have the user subscribed to the Asprox Botnet malware automatically.
Asprox Botnet started circulating in the internet in 2008 with it initially used to spread huge amounts of spam until it began stealing credentials and offering fake pay per click advertising online.
In delivering harmful content to devices, this malware uses web servers that have been compromised in the past and doing so makes it very difficult to detect even by the best antivirus software of today.
Viber states that it doesn’t send such a notification and it says that it is the criminals who aim to take control of the device of the user to install further malware. What this malware will likely harvest are sensitive details of the users like passwords, saved banking information and other important data for scam and spam campaigns.
It can be remembered that the same malware sending missed voicemail notifications also attacked WhatsApp users wherein they were tricked to click the ‘listen’ link and install malware on their device.
What Viber advises its users moving forward is to not open fake notification emails that say something about missing a call from someone. This should be the workaround to follow until such time that the company is able address the issue and totally gets rid of Asprox Botnet.