• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

WhatsApp ‘Voice Message’ Is an Info-Stealing Phishing Attack

You are here: Home / General Cyber Security News / WhatsApp ‘Voice Message’ Is an Info-Stealing Phishing Attack
April 5, 2022

Tens of 1000’s of victims have been tricked into clicking on an email boasting to comprise a WhatsApp voicemail concept, according to scientists.

A crew at Armorblox has presently detected near to 28,000 mailboxes impacted across Google Workspace and Microsoft 365.

The email in dilemma is titled “New Incoming Voicemessage,” with the physique text spoofed to appear as if a private information has been sent by using WhatsApp to the receiver.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


Clicking “Play” in the email will redirect the victim to a web page that makes an attempt to install the JS/Kryptik Trojan, obfuscated JavaScript that tries to redirect the browser to a particular URL and induce an exploit, Armorblox reported.

“Once the concentrate on landed on the destructive webpage, he or she was prompted to affirm they ‘are not a robot,’” it continued.

“If the focus on clicked ‘allow’ on the popup notification in the URL a destructive payload could perhaps be put in as a Windows software by way of a browser advert support, in buy to bypass Person Account Manage. Once the malware was put in it can steal delicate information and facts like qualifications that are saved within just the browser.”

The email was despatched from a valid Russian domain, “mailman.cbddmo.ru,” which is associated with an firm recognised as the Centre for Website traffic Basic safety of the Moscow Location, a part of the Russian Ministry of Inside Affairs.

That enabled it to bypass Google and Microsoft anti-phishing security, whilst it is not at present recognized how the threat actors managed to exploit the domain, the scientists claimed.

The marketing campaign could also have been timed to coincide with a sequence of new updates released by WhatsApp late final 7 days designed to strengthen the person experience.

Armorblox claimed sufferer companies came from the healthcare, instruction and retail sectors.

It urged corporate security teams to improve cloud-native email security with 3rd-party tools, improve instruction and recognition endeavours and abide by multi-factor authentication and password administration ideal methods.


Some pieces of this short article are sourced from:
www.infosecurity-magazine.com

Previous Post: «hackers breach mailchimp email marketing firm to launch crypto phishing Hackers Breach Mailchimp Email Marketing Firm to Launch Crypto Phishing Scams
Next Post: UK retailer The Works calls in cyber experts after security breach uk retailer the works calls in cyber experts after security»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • WhatsApp Unveils Proxy Support to Tackle Internet Censorship
  • Hackers Using CAPTCHA Bypass Tactics in Freejacking Campaign on GitHub
  • Blind Eagle Hacking Group Targets South America With New Tools
  • US Family Planning Non-Profit MFHS Confirms Ransomware Attack
  • Microsoft Reveals Tactics Used by 4 Ransomware Families Targeting macOS
  • Dridex Malware Now Attacking macOS Systems with Novel Infection Method
  • Cyber attacks on UK organisations surged 77% in 2022, new research finds
  • WhatsApp to combat internet blackouts with proxy server support
  • The IT Pro Podcast: Going passwordless
  • Podcast transcript: Going passwordless

Copyright © TheCyberSecurity.News, All Rights Reserved.