
The hacker group Water Saci, which targets users of WhatsApp Web (owned by Meta, which is recognized as an extremist organization and banned in Russia), has moved from simple attacks to more complex and sophisticated ones.
Experts have recorded a significant increase in the complexity of the malicious campaigns: instead of outdated PowerShell scripts, the attackers now use more advanced Python scripts, possibly with the help of artificial intelligence.
The Trojan used in these campaigns meticulously analyzes browser history, scans installed applications, checks for antivirus software, tracks open windows, and attempts to spoof the interface to steal user credentials.
According to researchers from Trend Micro, the attacks begin with a seemingly innocuous WhatsApp message containing malicious files such as HTA, ZIP, or PDF files.