The Indian Computer Emergency Response Team (Cert-In) has issued a cybersecurity advisory warning WhatsApp Web and desktop users about a large-scale malware distribution campaign that could lead to unauthorised access to devices and theft of sensitive information.
As stated in the cybersecurity alert released on June 25, cybercriminals are attacking users by sending malicious file attachments through hijacked WhatsApp accounts. These files may appear to have been sent by a trusted contact, hence increasing the probability that users will open these attachments.
The attacks are being conducted using malicious Visual Basic Scripts (VBScripts) files on WhatsApp Web and desktop platforms.
Also Read | Centre suspends Cell Broadcast Alert System pending technical review
Compromised accounts being used to spread malware
Citing findings from cybersecurity firms Kaspersky and Securelist, Cert-In said threat actors are exploiting previously compromised WhatsApp accounts to send harmful attachments directly to users' existing contacts.
"Because the messages originate from trusted contacts, recipients may be more inclined to open the attachment," the advisory noted.
Cybersecurity Best Practices
— CERT-In (@IndianCERT) June 25, 2026
#indiancert #cyberswachhtakendra #StaySafeOnline #cybersecurity #besafe #staysafe #mygov #Meity #onlinefraud #cybercrime #scamming #cyberalert #CSK #CyberSecurityAwareness pic.twitter.com/2LeXIzi9v1
The cybersecurity agency warned that opening such files could allow attackers to gain remote access to a user's device, steal login credentials, install additional malware and compromise broader networks connected to the infected system.
According to Cert-In, successful attacks could also result in financial losses, business disruption and unauthorised access to personal and professional information.
Cert-In advises users to verify suspicious files
It has asked users to avoid opening any unknown file attachments, even when it seems like it is being sent by acquaintances such as friends, family members or co-workers.
"Do not open attachments you were not expecting, even if they come from a friend, colleague, or family member," Cert-In said in its advisory.
Also Read | Received a message from an unknown number? WhatsApp may soon step in
It has been suggested that users confirm any suspicious messages by contacting the sender via phone calls or different messages before opening any file attachments. It has also been noted that any messages that seem odd or inconsistent with the usual style of communication of the sender can be malicious.
The advisory comes at a time when there has been an increase in the number of cases related to social engineering attacks. Cyber criminals make use of trust and familiarity to access devices and sensitive data in social engineering attacks.
FAQs
Q1. Who are the targets of the new malware attack?
The malware mainly targets the users of WhatsApp Web & WhatsApp Desktop using file attachments.
Q2. What should be done in case of receiving any unexpected attachment in WhatsApp?
Users should avoid opening the file and verify with the sender through a phone call or separate message before taking any action.
