Microsoft has issued a warning regarding a new malware campaign that utilizes WhatsApp to spread malicious Visual Basic Script (VBS) files, marking a significant threat to Windows users.
The campaign, which began in late February 2026, employs these VBS scripts to initiate a complex, multi-stage infection process. This process enables the attackers to establish persistence on the compromised system and gain remote access, potentially leading to further malicious activities.
The specific lures or tactics used by the threat actors to deceive users into executing the malicious scripts are currently unknown. However, the use of WhatsApp as a distribution channel highlights the evolving nature of cyber threats and the need for vigilance across all communication platforms.
This threat is particularly concerning due to its potential to bypass User Account Control (UAC) on Windows systems, allowing the malware to operate with elevated privileges without prompting the user for authorization. This capability significantly increases the risk of severe consequences, including data theft, system compromise, and the spread of additional malware.
Microsoft’s warning underscores the importance of being cautious with files received from untrusted sources, especially those delivered through messaging apps like WhatsApp. Users are advised to avoid executing unfamiliar scripts or files and to keep their systems and security software up to date to mitigate the risk of such infections.
Source: Original Article
