CertIn warns against malware campaign spreading through WhatsApp web

Business To Business, New Delhi, 28^th June, 2026:   India's cybersecurity agency has issued a warning about a large-scale malware campaign targeting users of WhatsApp Web and WhatsApp Desktop, urging people to exercise caution when opening attachments received through the platform.
The Indian Computer Emergency Response Team said attackers are distributing malicious Visual Basic Script (VBScript) files through direct messages on WhatsApp. If opened, these files could allow cybercriminals to gain unauthorized access to a victim's device and potentially compromise sensitive information.
According to CERT-In, the campaign specifically targets users of WhatsApp's web and desktop versions rather than the mobile application alone.
The agency advised users not to assume that an attachment is safe simply because it appears to come from a trusted contact such as a friend, family member, or colleague. Cybercriminals often use compromised accounts to spread malware to a victim's contacts.
What users should do

• Avoid opening unexpected attachments, especially files with unfamiliar extensions.
• Verify suspicious messages with the sender through another communication channel.
• Keep WhatsApp Desktop, web browsers, and operating systems updated with the latest security patches.
• Use reputable antivirus and endpoint security software.
• Be cautious of files claiming to be invoices, documents, forms, or updates that prompt immediate action.