Info-stealing malware distributed in WhatsApp phishing campaign

BleepingComputer reports that at least 27,655 email addresses have been targeted by a phishing campaign spoofing WhatsApp's voice message capability to disseminate information-stealing malware. Armorblox researchers discovered that the new WhatsApp voice message phishing attack involves the use of an email from the "Whatsapp Notifier" service using an address owned by the Center for Road Safety of the Moscow Region, which notifies recipients regarding a new private message, with the email including a "Play" button, as well as the duration of the audio clip and details regarding the creation of the message. Clicking on the "Play" button will redirect recipients to a website that will trigger an allow/block prompt for JS/Kryptic trojan installation, with users lured to click "Allow" to confirm that they are not a robot. Selecting "Allow" would then prompt the installation of the information-stealing malware, according to researchers. Users have been urged to identify signs of fraudulent activity to better protect themselves from phishing attempts.