In June 2026, Kaspersky observed a malware campaign distributing malicious VBScript files through direct messages in WhatsApp. The campaign affected users across multiple countries and territories, including Malaysia, Brazil, India, Mexico, Singapore, UK, Spain, Taiwan, Australia, Russia and Vietnam, with the highest number of victims observed in Malaysia. At the time of writing this article, the campaign is still active.
Analysis shows that the campaign primarily targets users of WhatsApp Desktop and WhatsApp Web. The threat actor uses deceptive file names masquerading as business and financial documents to persuade recipients to download and execute the attachment.
Read more…
Source: Kaspersky
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- CloudKeys in the Air: Tracking Malicious Operations of Exposed IAM Keys
October 30, 2023
Unit 42 researchers have identified an active campaign we are calling EleKtra-Leak, which performs automated targeting of exposed identity and access management (IAM) credentials within public GitHub repositories. As a result of this, the threat actor associated with the campaign was able to create multiple AWS Elastic Compute (EC2) instances that they used for wide-ranging ...
- TA571 Delivers IcedID Forked Loader
October 30, 2023
Proofpoint researchers identified TA571 delivering the Forked variant of IcedID in two campaigns on 11 and 18 October 2023. Both campaigns included over 6,000 messages, each impacting over 1,200 customers in a variety of industries globally. Emails in the campaigns purported to be replies to existing threads. This is known as thread hijacking. The emails contained ...
- ING CISO says data sharing is key to financial cybersecurity
October 30, 2023
Compliance has been the traditional focus of IT departments in financial institutions, but as cyber threats continue to evolve, the financial industry needs to look to each other to help protect the wider ecosystem. Finextra spoke with Beate Zwijnenberg, chief information security officer at ING, about some of the challenges the bank is facing across ...
- Casio Data Breach Impacts Customers in 149 Countries
October 27, 2023
Japanese electronics colossus Casio Computer Co., Ltd. has suffered a data breach on its ClassPad education platform, impacting customers in 149 countries. A technical failure on October 11, 2023, alerted Casio to the cyber intrusion that culminated in an unauthorized entity accessing the ClassPad development database on October 12, 2023. Casio launched an investigation and confirmed ...
- Police warn Israelis not to answer unknown calls
October 27, 2023
The Israel Police warned citizens on Friday not to answer phone or video calls from numbers they don’t recognize—particularly from abroad—following a surge of suspicious calls reported to authorities. “The purpose of the calls may be to cause panic and harassment and may be part of attempts to take over the WhatsApp accounts,” per a ...
- A cascade of compromise: unveiling Lazarus’ new campaign
October 27, 2023
Earlier this year, a software vendor was compromised by the Lazarus malware delivered through unpatched legitimate software. What’s remarkable is that these software vulnerabilities were not new, and despite warnings and patches from the vendor, many of the vendor’s systems continued to use the flawed software, allowing the threat actor to exploit them. Upon further investigation, ...