An old internet hoax has resurfaced, falsely linking the recent earthquake in Myanmar and Thailand to a claim that clicking on 'Seismic Waves CARD', a malware disguised as earthquake photos circulating on WhatsApp, will hack a user's phone in 10 seconds.
BOOM found no credible evidence that a malware or device hacker called 'Seismic Waves CARD' exists. We also noticed that the message copies elements from similar previous hoax warnings linking to cyberattacks targeting Jewish people and the Moroccan earthquakes.
A powerful 7.7-magnitude earthquake struck Myanmar on March 28, 2025, triggering a surge of visuals online showing high-rise buildings shaking and widespread structural damage. According to news reports, the tremor was felt across multiple countries and resulted in over 3,000 deaths in Myanmar. The hoax is being spread in this context.
The viral message circulating on social media reads, "They are going to upload some photos of the earthquake in Myanmar and Thailand on Whatsapp. The file is called Seismic Waves CARD, do not open or see it, it will hack your phone in 10 seconds and it cannot be stopped in any way. Pass the information on to your family and friends. DO NOT OPEN IT. They also said it on TV Share it!"
Click here to view one such post and here for an archive.
Fact Check
BOOM found no credible evidence that a malware or device hacker called 'Seismic Waves CARD' exists. A related keyword search led to an NBC News article from October 9, 2023, which reported on the same hoax, previously linked to a cyberattack targeting Jewish people and the Moroccan earthquakes.
The article reports, "The message copies elements of a previous hoax warning from just several weeks ago, warning of a “Seismic Waves CARD” download related to the Moroccan earthquakes." It also cites WhatsApp Communications Manager Emily Westcott, who stated that similar rumours have circulated before and reaffirmed the company’s previous statement that the “Seismic Waves” hacking messages are false.
We read through the viral warning message and noticed that it misrepresents how scams on WhatsApp works and also provides false information on how the app functions. It is important to note that WhatsApp users do not need a third-party application to view or send photos.
According to WhatsApp, the platform usually notifies users if a file is suspected to be malicious or in an unsupported format. If a file sent or received on WhatsApp appears unusual, potentially indicating it is dangerous, corrupted, or unsupported, the platform prevents users from opening or sharing it for security reasons.
The Meta-owned platform says, "WhatsApp automatically performs checks to determine if a file is suspicious, to ensure that the format is supported on WhatsApp and doesn’t crash the app on your device. To protect your privacy, these checks take place entirely on your device, and because of end-to-end encryption, WhatsApp can’t see the content of your messages."
WhatsApp has also provided tips to help users stay safe from suspicious messages and contacts. These tips are listed below.
BOOM's Decode, reported that one of the major WhatsApp scams in 2024 involved sending APK (Android Package Kit) files disguised as essential downloads. Victims who installed these files unknowingly activated malware, putting their personal data at risk or enabling unauthorised transactions.
WhatsApp also warns users to carefully inspect links and files before opening them, as they may appear legitimate but could be malicious and compromise the device.