A VBScript campaign distributed through WhatsApp deploying RMM software


In June 2026, Kaspersky observed a malware campaign distributing malicious VBScript files through direct messages in WhatsApp. The campaign affected users across multiple countries and territories, including Malaysia, Brazil, India, Mexico, Singapore, UK, Spain, Taiwan, Australia, Russia and Vietnam, with the highest number of victims observed in Malaysia. At the time of writing this article, the campaign is still active.

Analysis shows that the campaign primarily targets users of WhatsApp Desktop and WhatsApp Web. The threat actor uses deceptive file names masquerading as business and financial documents to persuade recipients to download and execute the attachment.

Read more…
Source:  Kaspersky


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Government Consulting Firm GMA Reports a Massive Data Breach That Revealed 341,650 Social Security Numbers

    April 10, 2024

    In the ever-evolving digital landscape, where data breaches seem to be more of a certainty than a possibility, the recent revelation by Greylock McKinnon Associates (GMA) marks a significant moment of concern for privacy advocates, cybersecurity professionals, and individuals alike. The breach, exposing a staggering 341,650 Social Security numbers, has cast a spotlight on the urgent ...

  • Russian businesses targeted by novel ransomware gang

    April 10, 2024

    Attacks with a Conti ransomware code-based backdoor have been deployed by the new Muliaka ransomware operation against businesses across Russia since at least December, according to The Record, a news site by cybersecurity firm Recorded Future. Windows systems and VMware ESXi infrastructure of one Russian company had been compromised with the malware after Muliaka had infiltrated ...

  • IMF: Rising Cyber Threats Pose Serious Concerns for Financial Stability

    April 9, 2024

    Cyberattacks have more than doubled since the pandemic. While companies have historically suffered relatively modest direct losses from cyberattacks, some have experienced a much heavier toll. US credit reporting agency Equifax, for example, paid more than $1 billion in penalties after a major data breach in 2017 that affected about 150 million consumers. As we show ...

  • UK: Cyber security breaches survey 2024

    April 9, 2024

    Cyber security breaches and attacks remain a common threat. Half of businesses (50%) and around a third of charities (32%) report having experienced some form of cyber security breach or attack in the last 12 months. This is much higher for medium businesses (70%), large businesses (74%) and high-income charities with £500,000 or more in annual ...

  • Thousands of LG TVs are vulnerable to takeover

    April 9, 2024

    As many as 91,000 LG TVs face the risk of being commandeered unless they receive a just-released security update patching four critical vulnerabilities discovered late last year. The vulnerabilities are found in four LG TV models that collectively comprise slightly more than 88,000 units around the world, according to results returned by the Shodan search engine ...

  • Cybercrime on agriculture operations and businesses is on the rise

    April 9, 2024

    When it comes to cyberattacks, ransomware and electronic fraud, farms and ranches are attracting the interest of hackers because they see these agriculture operations as potentially lucrative targets that may not have up-to-date fraud protection tools in place. Cathy Lennon, general manager of the Ontario Federation of Agriculture, says every point along the agrifood chain has ...