The Priyanka WhatsApp worm scare - where are the facts?


WhatsAppBad news if your name is Priyanka. Nobody wants to be your friend on WhatsApp right now.

That’s because a blog called The Android Soul published what they called a “public service announcement” last week about an apparent “virus” called Priyanka, that they said was spreading across the WhatsApp messaging platform.

A blogger going by the name of “Shivam” claimed that the Priyanka virus was spreading on Whatsapp via a contacts file. If you added “Priyanka” to your contacts it would “change the name of all the groups you have on your Whatsapp to “Priyanka”, and in the worst case, it may also replace all your contacts name to ‘Priyanka’ as well.”

Alleged WhatsApp malware attack

Shivam offered an iron-clad defence for anyone who wanted to protect their WhatsApp from Priyanka:

" case you receive a contact file named “Priyanka” from anyone on Whatsapp or by any other way, make sure that you do NOT add/save it to your contacts. It can’t do any harm without getting added to your contacts database so just DON’T save it."

In short, tough luck if your name is Priyanka and you want to use WhatsApp.

Naturally enough, the juicyingredients of WhatsApp and a spreading malware threat made a perfect recipe for some media outlets to write about the “virus”, reproducing Shivam’s screenshot and his advice on how to remove the virus from affected Android devices.

Priyanka headlines

But there is something missing from all of these media reports - namely, any quote from WhatsApp and any confirmation of the threat from the usual players in the computer security industry. If a worm really *was* spreading across the tremendously popular WhatsApp smartphone app, wouldn’t you expect the likes of Kaspersky, McAfee, Symantec, et al to be talking about it?

From my Googling, I’ve been unable to find any technical write-up or confirmation of the “Priyanka” threat from any security research group. Indeed, researchers at Kaspersky and Sophos were kind enough to get back to me to confirm that they had seen no samples. And there’s no mention at all of Priyanka on the WhatsApp website. All we seem to have is Shivam at The Android Soul, and other folks retweeting his screenshot.

In fact, when I search for “Priyanka” all I find are tech stories repeating what The Android Soul said, or celeb magazines publishing promotional puff pieces about Bollywood starlet Priyanka Chopra.

Is it possible that this whole incident has been entirely overblown?

I’m not saying that Shivam at The Android Soul is telling fibs. But it might just be possible that what he experienced was a glitch in WhatsApp that just happened to occur to him.

I think we should consider the jury to be out as to whether a Priyanka virus really exists until we see a proper write-up and independent confirmation, rather than just rely on one person’s interpretation of what happened on their mobile phone.

Remember, it’s not so long ago that we were regularly seeing Facebook users warning each other not to add specific people as friends because they were “hackers”, and those turned out to be a hoax.

Facebook hoax

Of course, it is still possible that WhatsApp did have a vulnerability that was exploited by a rogue contact, that was somehow injected into their network. And maybe it did have virus-like qualities.

But until that is confirmed, my money is more on some WhatsApp users having a buggy experience, and poor Priyanka being an innocent party mixed up in it all. Until more is known, I think we should remain skeptical and learn not to rush into believing something before we have had proper confirmation of the facts in future.

Tags: , , , ,

Share this article:

   Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast
Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:
Listen on Apple Podcasts Listen on Google Podcasts

, , , ,

2 Responses

  1. Leonardo

    July 13, 2013 at 9:08 am #

    Sophos saw no samples but published a post about it:

  2. sayan

    January 23, 2015 at 11:23 am #

    I have received such a file from one of my contacts which I did not save. However the contact who sent it seems to be infected, so there is something to it.…may not be a big threat.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.