WhatsApp users are being urged to be vigilant about what links they click on following the reveal of a malware campaign specifically targeting the instant messaging service.
Researchers from security firm Comodo found that users are being hit by random malware attacks from cybercriminals looking to target as many WhatsApp customers as possible.
Mainly disguised as official emails from WhatsApp itself (with an example pictured below), indicating that the user has a missed call, audio recording or notification, the malware spreads when an attachment is clicked on, infecting the user’s PC.
“Cybercriminals are becoming more and more like marketers – trying to use creative subject lines to have unsuspecting emails be clicked and opened to spread malware,” said Fatih Orhan, director of technology for Comodo and the Comodo Antispam Labs.
“As a company, Comodo is working diligently in creating innovative technology solutions that stay a step ahead of the cybercriminals, protect and secure endpoints, and keep enterprises and IT environments safe.”
Sadly this is not the first time that the security of WhatsApp, which has over a billion users across the world, has come under scrutiny.
Back in February, supposedly built-in flaws in the privacy features of WhatsApp were revealed by a Dutch developer, which apparently allowed users’ status and other information to be tracked by anyone, regardless of how strict their privacy settings are.
In addition to this, last October, researchers at security firm Check Point revealed that up to 200 million users of the WhatsApp Web service, which allows users to receive their WhatsApp messages on their PC, could be at risk of having malware installed on their machines without them knowing.
“Tricking people into visiting hostile websites or open malicious documents is still an extremely common and successful means of hacking companies. It is no surprise that attackers have moved from using email, Facebook and LinkedIn to popular messaging services like WhatsApp,” commented Dave Palmer, director of technology at security firm Darktrace.
“As digital business communications become more diverse and increasingly hard to secure companies need an ability to spot in-progress attacks that are already inside their complex networks. This can only be achieved by using self-learning immune systems that can spot unusual behavior no matter how novel the attack method.”
Are you a security expert? Try our quiz!
Launch of Samsung's Galaxy S25 Ultra, Galaxy S25+ and Galaxy S25 sees the handsets described…
Microsoft's LinkedIn sued for allegedly using customer data, including private messages, to train AI models…
1,700 jobs to be lost in Quebec, as Amazon says it will close seven sites…
Google wins permanent injunction from London's High Court to prevent enforcement of Russian YouTube judgements
OpenAI, SoftBank, Oracle and others form joint venture called 'The Stargate Project' – to build…
Government replaces chairman of the competition watchdog with former Amazon boss, amid Labour's “growth” drive…