The ability to work with just about any type of file the way you want to is one of the big advantages of the Android platform, but it can sometimes be exploited to harm users, and that's what seems to have happened to a number of WhatsApp users recently. Some malware has reportedly been making the rounds on the service, apparently originating from India. The malware comes in the form of fake Microsoft Excel files disguised as official business or documentations about two Indian government organizations, the NDA, or National Defense Agency, and the NIA, or National Investigation Agency. This disguised malware has the ability to obtain all sorts of privileges and information, gaining control of a victim's device and gleaning information like passwords and bank information.
Reports are saying that the two fake files are usually found named as "NDA-ranked-8-toughest-College-in-the-world-to-get-into.xls" and "NIA-selection-order-.xls", though these are probably not the only names for the files floating around. All it takes for the malware to activate and begin stealing user information is for the user to give the file a click in an attempt to view it or edit it, no matter what app they may choose to open the file with. Central Security forces within India have been alerted of the malware's circulation. Popular speculation says that the files may be targeted at individuals who are actually involved with the government or the military, or who may be interested in or involved in international affairs.
While the original malware has been reported to government officials, it will likely continue to spread. Copycat malware could also surface, with different file formats, names, and other characteristics. Essentially, the takeaway here is that malicious files of all sorts can make it through WhatsApp, and users should be extremely cautious about opening files they receive over the service. The malware at hand affects Android devices, but there is no word on whether a variant for other operating systems is in the works; WhatsApp's services can be accessed on a number of other platforms, including web browsers, iOS, and even Chrome OS. Users on all platforms are advised to only open files from trusted sources.