In June 2026, Kaspersky observed a malware campaign distributing malicious VBScript files through direct messages in WhatsApp. The campaign affected users across multiple countries and territories, including Malaysia, Brazil, India, Mexico, Singapore, UK, Spain, Taiwan, Australia, Russia and Vietnam, with the highest number of victims observed in Malaysia. At the time of writing this article, the campaign is still active.
Analysis shows that the campaign primarily targets users of WhatsApp Desktop and WhatsApp Web. The threat actor uses deceptive file names masquerading as business and financial documents to persuade recipients to download and execute the attachment.
Read more…
Source: Kaspersky
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- DDoS attacks in Q1 2022
April 25, 2022
he DDoS landscape in Q1 2022 was shaped by the ongoing conflict between Russia and Ukraine: a significant part of all DDoS-related news concerned these countries. In mid-January, the website of Kyiv Mayor Vitali Klitschko was hit by a DDoS attack, and the websites of a number of Ukrainian ministries were defaced. In mid-February, DDoS ...
- REvil resurrected? Ransomware crew appears to be back. Keyword: Appears
April 22, 2022
The notorious REvil ransomware gang appears to have returned from the bowels of the dark web, three months after the arrest of 14 of its suspected members, with its old website forwarding to a new operation that lists both previous and fresh victims. Back in January, Russia said it dismantled the crime ring’s networks and raided ...
- Critical bug in Android could allow access to users’ media files
April 21, 2022
Security analysts have found that Android devices running on Qualcomm and MediaTek chipsets were vulnerable to remote code execution due to a flaw in the implementation of the Apple Lossless Audio Codec (ALAC). ALAC is an audio coding format for lossless audio compression that Apple open-sourced in 2011. Since then, the company has been releasing updates ...
- FBI: Ransomware Attacks on Agricultural Cooperatives Potentially Timed to Critical Seasons
April 20, 2022
The Federal Bureau of Investigation (FBI) is informing Food and Agriculture (FA) sector partners that ransomware actors may be more likely to attack agricultural cooperatives during critical planting and harvest seasons, disrupting operations, causing financial loss, and negatively impacting the food supply chain. The FBI noted ransomware attacks during these seasons against six grain cooperatives during ...
- Oracle’s quarterly Critical Patch Update arrives with 520 fixes
April 20, 2022
Enterprise software giant Oracle has released its April Critical Patch Update (CPU) advisory, which includes 520 fixes for security flaws. Critical Patch Updates are collections of security fixes for Oracle products, published quarterly. This update addresses security flaws in dozens of products with three bugs getting a severity rating of 10 out of a possible 10, ...
- Okta: Lapsus$ breach lasted only 25 minutes, hit 2 customers
April 20, 2022
Identity and access management firm Okta says an investigation into the January Lapsus$ breach concluded the incident’s impact was significantly smaller than expected. Based on the final forensic report, Okta’s Chief Security Officer David Bradbury said the attacker only accessed the two active customer tenants after gaining control of a single workstation used by an engineer ...