Alert: WhatsApp Phishing Campaign Delivers Malware
ID: 5ab4ffb5-408c-5c77-aeb0-cb2da649b1ab
STIX ID: report--5ab4ffb5-408c-5c77-aeb0-cb2da649b1ab
Feed Name: KnowBe4 Blog
Threat Score
Microsoft researchers report a WhatsApp-based phishing campaign that convinces users to run malicious VBS files which create hidden folders, deploy renamed legitimate Windows utilities to evade detection, retrieve payloads from trusted cloud providers (AWS, Tencent Cloud, Backblaze B2), and install MSI packages to maintain persistence; Microsoft recommends strengthening endpoint/script execution controls, monitoring cloud traffic and registry/UAC changes, blocking known C2, and user social-engineering training.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.