Hackers targeting WhatsApp users; virus spreading under the guise of business documents..

If you use WhatsApp Desktop or WhatsApp Web, you need to exercise extra caution. Cybersecurity firm Kaspersky has uncovered a new malware campaign in which hackers attempt to infect users' computers by sending fake business documents via WhatsApp.

According to the report, cybercriminals are using previously compromised WhatsApp accounts. Consequently, the message appears to come from an acquaintance or a trusted contact rather than a stranger, making users more likely to trust it.

**Malware disguised as business files**
According to Kaspersky's Global Research and Analysis Team (GReAT), attackers are using filenames that look exactly like genuine business documents. These include names such as Invoice, Bank Statement, Account Statement, and Debt Notice.

**Cases detected in multiple countries**
Kaspersky's investigation revealed the impact of this malware campaign across several countries. The highest number of infected users was found in Malaysia. Additionally, such attacks have been identified in Brazil, Singapore, Taiwan, Vietnam, and parts of Europe.
The report notes that filenames are being created not only in English but also in Portuguese, French, German, and Malay to target a wider audience.

**What happens when the file is opened?**
As soon as a user opens the file, it creates a new working folder on the Windows system, downloads additional scripts from an external server, and executes them using the Windows Script Host. Subsequently, the malware attempts to grant the attackers remote access to the computer. This access can be exploited to control the system, steal data, or cause other forms of damage.

**How ​​to stay safe?**
Kaspersky advises users never to open any attachment received on WhatsApp without verifying it first, even if it appears to come from someone they know and trust. Be especially cautious with script or executable files—such as .vbs, .vbe, .exe, .bat, .cmd, .js, and .ps1—and open them only if you are absolutely certain of their authenticity.
Additionally, it is essential to use reliable security software on both your computer and mobile device. If you receive a suspicious file from someone you know, verify it through another communication channel before opening it.

Why is this attack dangerous?
The biggest challenge posed by this malware campaign is that it utilizes compromised WhatsApp accounts. Consequently, the message appears to come from a trusted contact, leading users to open the file without a second thought. Exercising a little caution in such situations can protect you from major cyberattacks and data theft.

Disclaimer: This content has been sourced and edited from News18 Hindi. While we have made modifications for clarity and presentation, the original content belongs to its respective authors and website. We do not claim ownership of the content.