In a recent wake-up call to the public, the Cyber Security Authority (CSA) of Ghana has sounded the alarm for Windows users, warning of a dangerous new threat lurking in the digital shadows.
The culprit: a sophisticated banking malware campaign that is making its rounds through WhatsApp Web, putting both individuals and organisations at risk of devastating financial loss.
Known as Astaroth, the malware has been identified as a major concern by the CSA. The attackers’ method is deceptively simple yet highly effective—they begin by sending malicious ZIP files to potential victims through WhatsApp messages. Disguised as legitimate documents or shared under seemingly innocent pretexts, these files are designed to lure unsuspecting users into downloading and opening them.
The real danger begins after the ZIP file is extracted and executed on a Windows computer. Once inside, Astaroth quietly installs itself, immediately connecting to WhatsApp Web to harvest the victim’s contact list. In a matter of moments, the malware sends similar malicious messages to everyone in the contact list, spreading itself further, all without the user’s knowledge.
While the malware operates in the background, it conducts extensive data harvesting, stealing sensitive information such as banking login credentials, one-time passwords (OTPs), browser cookies, and even keystrokes. With this trove of stolen data, cybercriminals can gain unauthorized access to financial accounts, commit fraud, and orchestrate further crimes.
The CSA urges anyone who suspects they have been targeted or affected by such attacks to reach out for help. Victims and concerned individuals can report incidents and seek guidance by calling or texting 292, using WhatsApp at 0501603111, or emailing report@csa.gov.ghOpens a new window.
The message from the CSA is clear: stay vigilant, be wary of unexpected files received via WhatsApp, and report suspicious activity promptly to help combat this growing cyber threat.
Source: Apexnewsgh.com
