A new wave of malicious APK files is being shared via WhatsApp under the guise of “New Year Greetings.” Once installed, the malware takes complete control of the device, intercepts bank OTPs, and uses the victim’s account to automatically resend the scam link to all contacts, turning personal devices into distribution hubs for financial fraud.
Business Impact
This is a “Work-Life computing” risk. If an employee installs this on their work-profile phone, the malware can capture notifications from work apps and intercept two-factor authentication (2FA) codes. For consultancies in Bahrain, this poses a high risk for account takeovers during the holiday transition.
Why It Happened
Attackers exploit the high volume of legitimate holiday messages. They use cultural localization—sending messages in Hindi, Arabic, or English—to seem authentic. The malware specifically requests “Notification Access” to read SMS and Banking alerts.
Recommended Executive Action
Push a “Holiday Safety” notification to all staff. Advise them to never install .apk files received via messaging apps and to review “Notification Access” permissions in their phone settings. Remind staff that legitimate banks never send verification links via WhatsApp.
Hashtags: #WhatsAppScam #MobileMalware #NewYear2025 #OTPtheft #SocialEngineering #CyberSecurity #BahrainSecurity