MyCert is now issuing a warning to users in Malaysia, to be careful when accessing files received via WhatsApp – especially WhatsApp Web and WhatsApp Desktop. Through MyCert’s observations, they found that there are irresponsible parties targeting local users by sending VBS-formatted files to WhatsApp users.
The file will be automatically executed if opened using WhatsApp Desktop or WhatsApp Web when using the Windows operating system.
Through MyCert’s observations, the attackers used different file names when sending it to users, including the file names “Sila Semak Bil anda.vbs”, and “Statement of Account.vbs”. If a user opens the file on a Windows computer, it will carry out the infection process, and provide remote access to the attacker, in addition to allowing a number of information entered through the infected computer to be exposed to the attacker.
The public is reminded not to download or run files received from unknown parties, or in VBS format on your computer. If your device has been infected, you are asked to disconnect the internet connection for the device in question, and then change the password for your account via another device.
As always, you are advised to exercise caution when receiving or accessing any files you receive online, regardless of the medium.
