In June 2026, Kaspersky observed a malware campaign distributing malicious VBScript files through direct messages in WhatsApp. The campaign affected users across multiple countries and territories, including Malaysia, Brazil, India, Mexico, Singapore, UK, Spain, Taiwan, Australia, Russia and Vietnam, with the highest number of victims observed in Malaysia. At the time of writing this article, the campaign is still active.
Analysis shows that the campaign primarily targets users of WhatsApp Desktop and WhatsApp Web. The threat actor uses deceptive file names masquerading as business and financial documents to persuade recipients to download and execute the attachment.
Read more…
Source: Kaspersky
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Hacker claims to have hit General Electric and stolen company data
November 27, 2023
A hacker with the alias IntelBroker claims to have breached General Electric and stolen plenty of sensitive data from the company’s systems. The company operates in different fields, including aerospace, renewable energy, power, venture capital, and more. The hacker posted a new thread on an underground forum, selling access to the company’s “development and software pipelines” ...
- The Unseen Layers: Exploring The Tactics Of Multistage .NET Malware Packers
November 27, 2023
Recently, the SonicWall Capture Labs Threat Research team has identified a new .NET Packer that is currently being widely used by the various stealers such as Lokibot, AgentTesla etc. In the ever-evolving landscape of cybersecurity threats, malicious actors continue to develop sophisticated techniques to compromise systems and exploit vulnerabilities. One such method gaining prominence is the ...
- Ransomware ‘catastrophe’ at Fidelity National Financial causes panic with homeowners and buyers
November 27, 2023
Last Tuesday, Fidelity National Financial, or FNF, a real estate services company that bills itself as the “leading provider of title insurance and escrow services, and North America’s largest title insurance company,” announced that it had experienced a cyberattack. Since then, homeowners who have mortgages and prospective buyers who are purchasing properties with FNF or one ...
- Gulf Air hit with data breach, customer data possibly affected
November 27, 2023
Gulf Air, the national air carrier for the Kingdom of Bahrain, has confirmed suffering a data breach which most likely resulted in hackers stealing sensitive customer information. The company confirmed the news via a press release shared with local media highlighting a “data breach incident” on November 24, possibly resulting in the compromise of “some information ...
- New Jersey: Montclair, Westwood Hospitals Divert Ambulances After Cyber Attack
November 27, 2023
Two hospitals in North Jersey are diverting ambulances from their emergency rooms after a cyber attack, authorities confirmed Monday. The attack impacted the computer systems at Mountainside Medical Center in Montclair, and Pascack Valley Medical Center in Westwood. Read more… Source: MSN News
- Foreign spy conducts cyberattacks against China’s defense, high-tech firm
November 27, 2023
China’s Ministry of State Security (MSS) disclosed a new case on Monday of foreign espionage activities involving the recruitment of a Chinese software developer who provided “technical services.” This spy agency used “poisoned” software to conduct cyberattacks and steal secrets from dozens of China’s defense and high-tech enterprises. Wang, a Chinese engineer in the network technology ...