The article discusses a malware campaign that uses WhatsApp direct messages to distribute VBScript attachments disguised as routine business documents. When opened, these scripts start a multi-stage infection chain that ends with the silent installation of ManageEngine Endpoint Central, giving the attackers persistent control over the host. The campaign has been observed in various countries, with Malaysia being the most targeted.
Key methods include social engineering, blending into normal Windows activity, and manipulating registry settings to reduce User Account Control (UAC) prompts. The article advises defenders to take immediate precautions, including treating unexpected attachments as suspicious and strictly monitoring and blocking script execution that originates from chat applications.
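One way to implement the monitoring the article recommends, as an added example that is not code from the article: it flags Windows Script Host launches whose parent is a chat client or whose script sits under a chat download path. The Sysmon-style field names, the `WhatsApp.exe` process name, the `whatsapp` path marker and all sample events are assumptions constructed for illustration.

```python
import ntpath
import re

# Assumptions, not taken from the article: process names, path marker, field names.
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}   # Windows Script Host binaries
CHAT_PARENTS = {"whatsapp.exe"}                 # assumed desktop client process name
CHAT_PATH_MARKER = "whatsapp"                   # assumed substring of its download folder
SCRIPT_ARG = re.compile(r'"([^"]+\.(?:vbs|vbe|wsf))"|(\S+\.(?:vbs|vbe|wsf))', re.I)


def script_paths(command_line):
    """Extract quoted or unquoted script paths from a command line."""
    return [quoted or bare for quoted, bare in SCRIPT_ARG.findall(command_line)]


def classify(event):
    """Return the reasons a process-creation event is suspicious (empty if none)."""
    if ntpath.basename(event["Image"]).lower() not in SCRIPT_HOSTS:
        return []
    reasons = []
    if ntpath.basename(event["ParentImage"]).lower() in CHAT_PARENTS:
        reasons.append("script host spawned by chat client")
    for path in script_paths(event["CommandLine"]):
        if CHAT_PATH_MARKER in path.lower():
            reasons.append("script run from chat download path: " + path)
    return reasons


def triage(events):
    """Map event index to reasons for every event that raised at least one."""
    return {i: r for i, e in enumerate(events) if (r := classify(e))}


# Constructed sample events using Sysmon Event ID 1 field names.
SAMPLE_EVENTS = [
    {"ParentImage": r"C:\Program Files\WhatsApp\WhatsApp.exe",
     "Image": r"C:\Windows\System32\wscript.exe",
     "CommandLine": r'"C:\Windows\System32\wscript.exe" "C:\Users\a\Downloads\WhatsApp\Invoice 2024.vbs"'},
    {"ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Windows\System32\cscript.exe",
     "CommandLine": r"cscript.exe //B C:\Users\a\Downloads\WhatsApp\po.vbs"},
    {"ParentImage": r"C:\Windows\System32\cmd.exe",
     "Image": r"C:\Windows\System32\cscript.exe",
     "CommandLine": r"cscript.exe C:\Windows\System32\slmgr.vbs /dlv"},
    {"ParentImage": r"C:\Program Files\WhatsApp\WhatsApp.exe",
     "Image": r"C:\Program Files\Microsoft\Edge\msedge.exe",
     "CommandLine": r"msedge.exe https://example.com"},
]

if __name__ == "__main__":
    for index, reasons in triage(SAMPLE_EVENTS).items():
        print(index, reasons)
```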