ShellCodeX
Tools • Events • News • Insights
ShellCodeX Intelligence Brief
HIGH Mobile Security

WhatsApp VBScript Campaign Distributes Fake Documents to Install ManageEngine RMM

Source headline: WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool

Threat level High
Signal strength 75/100
Source confidence 1 source
Published 2 hours ago

Intelligence Summary

A WhatsApp-based campaign is using direct messages to deliver malicious VBScript files. The messages contain fake document lures intended to trick recipients into running the scripts. Once executed, the VBScript can install a legitimate ManageEngine remote monitoring and management (RMM) tool. The targeting includes users of WhatsApp Desktop and WhatsApp Web across multiple countries. This matters because social engineering can lead to full tool installation, expanding remote access and persistence risk. Users should avoid opening unexpected documents or running scripts received via WhatsApp and verify message authenticity.

Recommended Action

Review affected assets, schedule urgent remediation, and monitor related indicators.

Topics

#social-engineering #vbscript #whatsapp #manageengine #rmm
Original reporting The Hacker News WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool
Open original source

Related Pulse Signals

View all signals
High · Mobile Security Paradigm Shift details an unpatchable Apple chip flaw enabling iPhone jailbreaks Critical · Mobile Security Usbliter8 exploit bypasses Apple iPhone boot security on millions of devices Critical · Mobile Security Popa Android botnet tied to Alarum Technologies’ NetNut residential proxies High · Mobile Security Rokarolla Android Banking Trojan Targets 200+ Applications