In June 2026, Kaspersky observed a malware campaign distributing malicious VBScript files through direct messages in WhatsApp. The campaign affected users across multiple countries and territories, including Malaysia, Brazil, India, Mexico, Singapore, UK, Spain, Taiwan, Australia, Russia and Vietnam, with the highest number of victims observed in Malaysia. At the time of writing this article, the campaign is still active.
Analysis shows that the campaign primarily targets users of WhatsApp Desktop and WhatsApp Web. The threat actor uses deceptive file names masquerading as business and financial documents to persuade recipients to download and execute the attachment.
Read more…
Source: Kaspersky
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Kyivstar explains network failure by hacker attack, subscriber data not compromised
December 12, 2023
A failure in the network of Ukraine’s largest telecoms operator Kyivstar, which occurred on Tuesday morning, was caused by a hacker attack, but subscriber data was not compromised, the company involved law enforcement agencies and special government services in eliminating the failure, and promises compensation to customers. “On the morning of December 12, the Kyivstar communications ...
- Bitcoin ATM company Coin Cloud hacked
December 12, 2023
In November, the cybersecurity collective vx-underground wrote on X, formerly Twitter, that unknown hackers were claiming to have breached Coin Cloud, a bankrupt Bitcoin ATM company. According to vx-underground, the hackers claimed to have stolen 70,000 pictures of customers taken from cameras embedded in the ATMs, as well as the personal data of 300,000 customers, which ...
- Spider-Man developer Insomniac Games suffers ransomware attack
December 12, 2023
Insomniac Games, the studio behind titles including Spyro, Ratchet & Clank and Marvel’s Spider-Man, has been breached by the Rhysidia ransomware group. Rhysidia shared screenshots of the stolen on its TOR site, including imagery from Insomniac’s upcoming game, Marvel’s Wolverine. Personal data like passport scans of current and former employees also appears to be included, as ...
- Russian diplomat accuses West of patronizing Ukrainian IT army that commits cybercrime
December 12, 2023
The US-led West supervises Ukraine’s so-called IT army that may be responsible for cybercrime, Russia’s representative Irina Tyazhlova said on Monday. Addressing a meeting of the UN Open-ended Working Group (OEWG) on security of and in the use of information and telecommunication technologies (ICTs), she said: “Other numerous malicious activities with the use of ICTs were ...
- US healthcare giant Norton says hackers stole millions of patients’ data during ransomware attack
December 11, 2023
Kentucky-based nonprofit healthcare system Norton Healthcare has confirmed that hackers accessed the personal data of millions of patients and employees during an earlier ransomware attack. Norton operates more than 40 clinics and hospitals in and around Louisville, Kentucky, and is the city’s third-largest private employer. The organization has more than 20,000 employees, and more than 3,000 ...
- PSNI data breach ‘wake-up call’ for UK forces, review says
December 11, 2023
A major data breach within the Police Service of Northern Ireland (PSNI) has been described as “a wake-up call” for forces across the UK. A report into the data leak has made 37 recommendations for improving information security within the PSNI. In August, the surnames and initials of all the PSNI’s 9,500 staff were released by ...