Microsoft has issued a warning about a new malware campaign that uses WhatsApp messages to spread malicious Visual Basic Script (VBS) files to Windows users.
The campaign, which started in late February 2026, employs a multi-stage infection chain to establish persistence and gain remote access to compromised systems.
The threat actors behind the campaign use social engineering tactics to trick users into executing the malicious VBS files, although the specific lures used are currently unknown.
Once executed, the VBS files initiate a series of events that ultimately lead to the compromise of the Windows system, potentially allowing attackers to steal sensitive information or install additional malware.
Users are advised to exercise caution when receiving files or links via WhatsApp, especially from unknown sources, to avoid falling victim to this campaign.
Microsoft’s warning highlights the importance of staying vigilant and taking proactive measures to protect against emerging threats, particularly those that exploit user interaction to bypass security controls like User Account Control (UAC).
Source: Original Article
