CyberSum logo
Back

WhatsApp Malware

Cyber Security News by CyberSum.net
4 sources
A new malware campaign has been uncovered that uses WhatsApp to launch self-propagating malware outbreaks, targeting financial institutions and cryptocurrency exchanges, the campaign uses a newly identified malware called SORVEPOTEL to spread rapidly across Windows systems, it prioritizes speed and social engineering, abusing the trust users place in WhatsApp conversations, the infection starts with a phishing message sent from a compromised WhatsApp account, which contains a malicious ZIP file disguised as a legitimate document, when opened, the archive reveals a malicious Windows shortcut file that silently executes a PowerShell script, this script downloads and executes additional payloads directly from attacker-controlled domains.

Also Read

Winos 4.0 Malware Expands Reach with HoldingHands RAT

The threat actors behind Winos 4.0 malware have expanded their targeting to include new regions, using phishing emails with malicious PDFs to deliver HoldingHands RAT. This campaign, linked to an aggressive cybercrime group, employs SEO poisoning and fake websites to spread the malware. Recent attacks have utilized taxation-themed documents and fake landing pages to deceive recipients into downloading the RAT, which can capture sensitive information and run arbitrary commands.

By Cyber Security News by CyberSum.net