The Indian Computer Emergency Response Team (CERT-In) cautioned users to exercise vigilance when opening attachments received via WhatsApp, even if these files come from known contacts such as friends, coworkers, or family members.
Hackers Utilizing Compromised WhatsApp Accounts to Distribute Malware
As per a CERT-In advisory published on June 25, hackers are transmitting malicious Visual Basic Script (VBScript) files through WhatsApp messages.
The agency pointed out that attackers are leveraging compromised WhatsApp accounts to disseminate these files, creating a facade of authenticity that increases the likelihood of users opening the attachments.
Since the messages originate from trusted contacts, numerous users might mistakenly believe the files are safe and download them without any checks.
Mechanism of the Malware Attack
WhatsApp enables users to share messages, documents, images, videos, and other files across web and desktop platforms. Cybercriminals are exploiting this functionality by dispatching infected VBScript files to contacts from hacked accounts.
Once a user executes the malicious file, attackers may gain control of the device and engage in further malicious activities.
Dangers of Opening Suspicious Files
A successful malware infection can allow criminals to:
- Access devices remotely
- Steal passwords and sensitive data
- Execute financial fraud
- Install additional malware
- Spread attacks across interconnected networks
- Disrupt personal or business operations
CERT-In emphasized that users should refrain from opening unexpected attachments, irrespective of the sender.
CERT-In Provides Safety Recommendations for Users
The cybersecurity agency advised users to confirm with the sender through a phone call or a separate message if they receive an unusual file.
It also cautioned that messages that seem out of character or suspicious should be handled with care.
Moreover, the agency suggested keeping devices and applications updated and adhering to safe digital practices to mitigate the risk of cyber threats.
Earlier this month, CERT-In has also tightened cybersecurity compliance requirements for original equipment manufacturers, such as mobile phone and computer makers, amidst rising concerns regarding AI-driven cyber threats.
