The Priyanka WhatsApp worm scare – where are the facts?

WhatsAppBad news if your name is Priyanka. Nobody wants to be your friend on WhatsApp right now.

That’s because a blog called The Android Soul published what they called a “public service announcement” last week about an apparent “virus” called Priyanka, that they said was spreading across the WhatsApp messaging platform.

A blogger going by the name of “Shivam” claimed that the Priyanka virus was spreading on Whatsapp via a contacts file. If you added “Priyanka” to your contacts it would “change the name of all the groups you have on your Whatsapp to “Priyanka”, and in the worst case, it may also replace all your contacts name to ‘Priyanka’ as well.”

Alleged WhatsApp malware attack

Shivam offered an iron-clad defence for anyone who wanted to protect their WhatsApp from Priyanka:

"..in case you receive a contact file named “Priyanka” from anyone on Whatsapp or by any other way, make sure that you do NOT add/save it to your contacts. It can’t do any harm without getting added to your contacts database so just DON’T save it."

In short, tough luck if your name is Priyanka and you want to use WhatsApp.

Naturally enough, the juicyingredients of WhatsApp and a spreading malware threat made a perfect recipe for some media outlets to write about the “virus”, reproducing Shivam’s screenshot and his advice on how to remove the virus from affected Android devices.

Priyanka headlines

But there is something missing from all of these media reports – namely, any quote from WhatsApp and any confirmation of the threat from the usual players in the computer security industry. If a worm really *was* spreading across the tremendously popular WhatsApp smartphone app, wouldn’t you expect the likes of Kaspersky, McAfee, Symantec, et al to be talking about it?

From my Googling, I’ve been unable to find any technical write-up or confirmation of the “Priyanka” threat from any security research group. Indeed, researchers at Kaspersky and Sophos were kind enough to get back to me to confirm that they had seen no samples. And there’s no mention at all of Priyanka on the WhatsApp website. All we seem to have is Shivam at The Android Soul, and other folks retweeting his screenshot.

In fact, when I search for “Priyanka” all I find are tech stories repeating what The Android Soul said, or celeb magazines publishing promotional puff pieces about Bollywood starlet Priyanka Chopra.

Is it possible that this whole incident has been entirely overblown?

I’m not saying that Shivam at The Android Soul is telling fibs. But it might just be possible that what he experienced was a glitch in WhatsApp that just happened to occur to him.

I think we should consider the jury to be out as to whether a Priyanka virus really exists until we see a proper write-up and independent confirmation, rather than just rely on one person’s interpretation of what happened on their mobile phone.

Remember, it’s not so long ago that we were regularly seeing Facebook users warning each other not to add specific people as friends because they were “hackers”, and those turned out to be a hoax.

Facebook hoax

Of course, it is still possible that WhatsApp did have a vulnerability that was exploited by a rogue contact, that was somehow injected into their network. And maybe it did have virus-like qualities.

But until that is confirmed, my money is more on some WhatsApp users having a buggy experience, and poor Priyanka being an innocent party mixed up in it all. Until more is known, I think we should remain skeptical and learn not to rush into believing something before we have had proper confirmation of the facts in future.

Tags: , , , ,

, , , ,

One Response

  1. Leonardo July 13, 2013 at 9:08 am #

    Sophos saw no samples but published a post about it:

    http://bit.ly/12t5EIS

Leave a Reply