The Indian Computer Emergency Response Team has alerted WhatsApp Web and desktop users about a widespread malware campaign that could allow unauthorized access to devices. Cert-In advised caution with any attachments received through the platform, even from known contacts. The agency noted that malicious Visual Basic Script files are being distributed via direct messages. Attackers use compromised accounts to send the files, making the messages appear legitimate and increasing the chance that recipients will open them. Successful infection may enable remote device access, credential theft, additional malware deployment, network compromise, and financial losses. Cert-In recommended verifying unexpected files by phone or separate message before opening them and treating unusual messages as suspicious. The advisory draws on reports from Kaspersky and Securelist.

Credit:
https://economictimes.indiatimes.com/tech/technology/certin-warns-against-malware-campaign-spreading-through-whatsapp-web/articleshow/132061747.cms
BCN