CERT-In Warns of Major Malware Threat Targeting WhatsApp Web Users

India's national cybersecurity agency CERT-In has issued a warning about a large-scale malware campaign targeting WhatsApp Web and desktop users. According to the advisory, if the malware infects a user's computer or laptop, cybercriminals may gain unauthorized remote access to the device. The warning is based on research conducted by leading cybersecurity firms Kaspersky and Securelist.

CERT-In said attackers first compromise WhatsApp accounts and then send malicious file attachments to the victim's contacts. Since the files appear to come from trusted friends or colleagues, many users open them without suspicion. The malware is reportedly being distributed through Visual Basic Script (VBS) files, allowing hackers to steal passwords, banking credentials, and other sensitive information. Users are advised not to open unknown files and to verify suspicious attachments with the sender before downloading or running them.