Microsoft and Malwarebytes have identified a new attack targeting WhatsApp Desktop users.
This isnโt a software bug โ itโs social engineering.
๐ Hereโs how the attack works:
- ๐ฉ You receive what looks like a normal attachment on WhatsApp
- โ๏ธ The file is actually a script (e.g. .vbs)
- ๐ต๏ธโโ๏ธ When opened, it quietly uses built-in Windows tools to download malware
- ๐ The attacker can then gain remote access to your PC and data
Because it uses legitimate tools and trusted cloud services, it can be very hard to detect.
๐ How to stay safe:
- ๐ซ Donโt open unexpected attachments โ even from known contacts
- ๐ Turn on file extensions in Windows (so you can spot .vbs, .msi, etc.)
- ๐ก๏ธ Keep your anti-malware software up to date
- ๐ Only download/install software from official vendor sites
- โ ๏ธ Watch for warning signs (UAC prompts, slow system, unknown apps)