In June 2026, Kaspersky observed a malware campaign distributing malicious VBScript files through direct messages in WhatsApp. The campaign affected users across multiple countries and territories, including Malaysia, Brazil, India, Mexico, Singapore, UK, Spain, Taiwan, Australia, Russia and Vietnam, with the highest number of victims observed in Malaysia. At the time of writing this article, the campaign is still active.
Analysis shows that the campaign primarily targets users of WhatsApp Desktop and WhatsApp Web. The threat actor uses deceptive file names masquerading as business and financial documents to persuade recipients to download and execute the attachment.
Read more…
Source: Kaspersky
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cyber attack leaves six North Carolina counties locked out of their online records
December 30, 2022
They’re responsible for keeping and protecting your most important records, but Thursday, a company that works with local governments across North Carolina has been paralyzed by a cyber attack with no end in sight. Cott Systems said they work with 300 local offices in 21 states, but right now that work is on hold and local ...
- LockBit ransomware claims attack on Port of Lisbon in Portugal
December 30, 2022
A cyberattack hitting the Port of Lisbon Administration (APL), the third-largest port in Portugal, on Christmas day, has been claimed by the LockBit ransomware gang. The Port of Lisbon is part of the critical infrastructure in Portugal’s capital city, being one of the most accessed ports in Europe, due to its strategic location, and serving container ...
- Canadian mining firm shuts down mill after ransomware attack
December 30, 2022
The Canadian Copper Mountain Mining Corporation (CMMC) in British Columbia has announced that it was the target of a ransomware attack that impacted its operations. CMMC, partly owned by Mitsubishi Materials Corporation, is an 18,000-acre claim that produces an average of 100 million pounds of copper per year and has an estimated mineral reserve capacity for ...
- CISA Adds Two Known Exploited Vulnerabilities to Catalog
December 29, 2022
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added ...
- Google Home speakers allowed hackers to snoop on conversations
December 29, 2022
A bug in Google Home smart speaker allowed installing a backdoor account that could be used to control it remotely and to turn it into a snooping device by accessing the microphone feed. While experimenting with his own Google Home mini speaker, the researcher discovered that new accounts added using the Google Home app could send ...
- Royal ransomware claims attack on Intrado telecom provider
December 28, 2022
The Royal Ransomware gang claimed responsibility for a cyber attack against telecommunications company Intrado on Tuesday. While Intrado is yet to share any information regarding this incident, sources have told BleepingComputer early this month that the attack started on December 1 and the initial ransom demand was $60 million. The Royal Ransomware group, made up of experienced ...