• Hype
  • Murai
  • Lipstiq
  • Varnam
  • Hangat
  • Autofreaks
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Mobile Gaming
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Compu-zoneUpdated
    • ViewnetUpdated
    • Sri ComputersUpdated
    • StartecUpdated
  • More
    • Artificial Intelligence
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
    • Contact Us
No Result
View All Result
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Mobile Gaming
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Compu-zoneUpdated
    • ViewnetUpdated
    • Sri ComputersUpdated
    • StartecUpdated
  • More
    • Artificial Intelligence
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
    • Contact Us
No Result
View All Result
Lowyat.NET
No Result
View All Result

MyCERT Warns Of High-Risk Malware Targeting WhatsApp Web And Desktop Users In Malaysia

The malware is disguised as common financial and legal documents sent through WhatsApp messages.

by Heirul Kamel
June 25, 2026
WhatsApp-Stock-lowyat-2026
330
SHARES
Share on WhatsappShare on TelegramThreads

The Malaysia Computer Emergency Response Team (MyCERT) has issued an alert over an ongoing malware campaign targeting users of both web and desktop versions of WhatsApp on Windows computers. According to the advisory, attackers are using the messaging platform‘s messages to distribute malicious files disguised as legitimate financial, legal, and administrative documents.

The campaign specifically targets Windows users and relies on social engineering tactics to trick victims into opening infected attachments. Some of the file names observed in the campaign include “Acknowledgement of Debt.vbs”, “Sila semak bil anda.vbs”, “December statement of account.vbs”, and “Reconciliation.vbs”.

MyCERT warns of whatsapp web desktop malware
Image: MyCERT

Malware Disguised As Financial And Legal Documents

While these files may appear to be PDF documents at first glance, they are actually Visual Basic Script (.vbs) files. Once opened, the files automatically execute a script that begins the malware infection process.

According to MyCERT, the malware can install a Remote Access Trojan (RAT) on the affected computer, allowing attackers to remotely access and control the device. The malicious software is also capable of maintaining access even after a system reboot while disabling security prompts that could otherwise alert users to suspicious activity.

MyCERT warns of whatsapp web desktop malware
Image: MyCERT
MyCERT warns of whatsapp web desktop malware
Image: MyCERT

A compromised system may allow attackers to capture sensitive information displayed or entered on the device, including passwords, banking PINs, and one-time passwords (OTPs). MyCERT noted that the malware may evade detection by standard antivirus scans, making it particularly difficult for affected users to identify the compromise.

The advisory comes amid reports of a WhatsApp-based malware campaign identified by cybersecurity researchers, with Malaysia reportedly among the countries most heavily targeted. The attacks primarily affect WhatsApp Desktop and WhatsApp Web users on Windows, with the malicious files spread through compromised WhatsApp accounts.

Related Article WhatsApp Says Israeli Spyware Company Still Actively Targeting Its Users
hacking anti-hacking security cybersecurity
Image: pixelcreatures / Pixabay

MyCERT: Treat Infected Devices As Compromised

Users who have already opened or executed the file should assume that their device has been compromised and take immediate action. MyCERT recommends disconnecting the affected computer from the internet immediately to cut off any remote access by attackers. Those using a company-issued device should also notify their organisation’s IT department as soon as possible.

Affected users should change all passwords associated with accounts accessed on the compromised device, but only from a separate clean device. Any passwords, PINs, or sensitive information entered on the infected system should be treated as exposed.

The agency also advises users not to reply to suspicious messages, as doing so confirms that the phone number is active. Instead, recipients should report the message through WhatsApp and submit details such as screenshots, timestamps, and the sender’s number to Cyber999.

whatsapp features update ios android picture-in-picture meta

Standard Antivirus Scan May Not Be Enough

MyCERT further recommends seeking professional assistance to remove the malware. It also noted that a standard antivirus scan is unlikely to detect or remove the RAT installed by the attackers.

Users who encounter the malicious files or believe they have been infected can submit an incident report to MyCERT. Information such as the original message, attached files, links, and the estimated time and date of infection should be included to assist with investigations.

  • E-mail: cyber999@cybersecurity.my
  • Phone: 1-300-88-2999 (monitored during business hours)
  • Mobile: +60 19 2665850 (24×7 call incident reporting)
  • Business Hours: Mon – Fri 09:00 -18:00 MYT

(Source: MyCERT [official website])

Filed Under MalwareMyCERTWhatsapp
Updated 4:00 pm, Thu, 25 June 26
SendShareShareShare132Tweet83

Follow us on Instagram, Facebook, Twitter or Telegram for more updates and breaking news. 

No Result
View All Result

TRENDING THIS WEEK

  1. 1
    Fintech

    BNM To Phase Out Proprietary QR Payment Networks In Malaysia By 2028

  2. 2
    Speakers

    Xiaomi Desktop Speaker Pro Set Now Available In Malaysia

  3. 3
    Automotive

    MOF Officially Approves Budi Diesel Monthly Quota Increase To 300 Litres

  4. 4
    Mobile Phones

    Nothing Phone (4b) Now Official With 5,200mAh Battery, Vapour Chamber

  5. 5
    Gaming

    M4G Is Officially Bringing The Steam Machine Into Malaysia

NETWORK

  • Hype
  • Murai
  • Lipstiq
  • Varnam
  • Hangat
  • Autofreaks

ABOUT

  • Advertise
  • Careers
  • Privacy Statement
  • Editorial Policy
  • Terms of Use
  • Contact Us

©2026 VIJANDREN RAMADASS. ALL RIGHTS RESERVED.

No Result
View All Result
  • News
  • Forums
  • Laptops
  • Telco
  • Mobile
  • Gaming
  • Artificial Intelligence
  • Fintech
  • Cryptocurrency
  • Cyber Security
  • Hybrid Vehicles
  • Advertise with Us

©2026 VIJANDREN RAMADASS. ALL RIGHTS RESERVED.

No Result
View All Result
  • News
  • Forums
  • Laptops
  • Telco
  • Mobile
  • Gaming
  • Artificial Intelligence
  • Fintech
  • Cryptocurrency
  • Cyber Security
  • Hybrid Vehicles
  • Advertise with Us

©2026 VIJANDREN RAMADASS. ALL RIGHTS RESERVED.