In June 2026, Kaspersky observed a malware campaign distributing malicious VBScript files through direct messages in WhatsApp. The campaign affected users across multiple countries and territories, including Malaysia, Brazil, India, Mexico, Singapore, UK, Spain, Taiwan, Australia, Russia and Vietnam, with the highest number of victims observed in Malaysia. At the time of writing this article, the campaign is still active.
Analysis shows that the campaign primarily targets users of WhatsApp Desktop and WhatsApp Web. The threat actor uses deceptive file names masquerading as business and financial documents to persuade recipients to download and execute the attachment.
Read more…
Source: Kaspersky
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Elon Musk’s X hit by waves of outages in what he claims is ‘a massive cyberattack’
March 10, 2025
Elon Musk’s X has been hit by three waves of outages since this morning, which the billionaire claims was due to a cyberattack. According to outage tracking site DownDetector, the problems began around 6 am ET when up to 20,538 users reported problems. The issues temporarily died down before nearly 40,000 users reported outages at 10 ...
- Allstate sued for not reporting data breach of 165,000 New Yorkers
March 10, 2025
New York state sued Allstate on Monday, accusing the insurer’s National General unit of failing to report a data breach that exposed drivers’ license numbers, and not developing reasonable safeguards to protect policyholders’ private information. The lawsuit by New York Attorney General Letitia James was filed in a state court in Manhattan, and seeks civil fines. ...
- Fake CAPTCHA websites hijack your clipboard to install information stealers
March 10, 2025
There are more and more sites that use a clipboard hijacker and instruct victims on how to infect their own machine. I realize that may sound like something trivial to steer clear from, but apparently it’s not because the social engineering behind it is pretty sophisticated. At first, these attacks were more targeted at people that ...
- Japanese telco giant NTT Com says hackers accessed details of almost 18,000 organizations
March 10, 2025
Japanese telecom giant NTT Communications (NTT Com) has confirmed that hackers accessed the data of almost 18,000 corporate customers during a February cyberattack, affecting an as-yet-unknown number of individuals. The Tokyo-based NTT Com, which provides phone and network tech to enterprises, said it discovered the data breach on February 5 after determining that the hackers had ...
- New botnet unleashes record-breaking DDoS attacks
March 7, 2025
A new botnet dubbed “Eleven11bot” has emerged, delivering what security researchers believe are the largest distributed denial-of-service (DDoS) attacks ever recorded. The botnet, primarily composed of compromised webcams and video recorders, has triggered widespread service disruptions and ignited a debate within the cybersecurity community about its true size. Nokia’s Deepfield Emergency Response Team first detected the ...
- Cisco Releases Security Advisory for Secure Client
March 6, 2025
Cisco has released a security advisory to address a vulnerability in its Secure Client for Windows. Secure Client is Cisco’s endpoint virtual private network (VPN) solution. CVE-2025-20206 has a CVSSv3 score of 7.1 and if exploited could allow an authenticated, local attacker to achieve arbitrary code execution (ACE) on the affected machine with SYSTEM privileges via ...