ESET Ireland warns Irish WhatsApp users not to click on an email that claims it’s from WhatsApp, but in reality, spreads a trojan infection.
A dangerous email spam message is dropping into Irish mailboxes, pretending to come from WhatsApp. Its subject says “Missed voicemail” and the content of the mail just says “New voicemessage” and has a link called “Play”.
But don’t let curiosity get the better of you, because clicking on the link will begin the download of a trojan that ESET detects as “JS/Kryptik.BBC”, a variant of malware first detected in August 2016. JS/Kryptik is a generic detection of malicious obfuscated JavaScript code embedded in HTML pages that usually redirects the browser to a malicious URL or implements a specific exploit. The first instances of this sort of malware go back as far as 2011. The email address this attack comes from is associated to a domain, registered in Massachusetts, USA.
ESET Ireland recommends extreme caution when it comes to such emails, as trojan infections can expose the computer to ransomware, that ends up locking your files and demands a ransom of several hundred Euros. Rather than impulsively clicking a link in an unverified email claiming it’s from WhatsApp, log in to your WhatsApp account the standard way instead and check for any messages there.
The full story is available on ESET Ireland’s official blog.
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
A worrying trend for Australians The Latitude Financial attack clearly…
It is not unusual for companies to keep hold of…
“First of all, it should be praised that Ferrari have…
These findings aren’t very surprising given that unpatched zero-days provide…
These figures from Mandiant highlight how attackers are continuing to…