Audio By Carbonatix
The Cyber Security Authority (CSA) has uncovered a dangerous cyber attack scheme in which criminals are exploiting WhatsApp Web to steal banking credentials and one-time passwords (OTPs), including mobile money verification codes, from unsuspecting users in Ghana.
According to the CSA, the attack primarily targets Windows computer users through malicious ZIP files sent via WhatsApp messages and disguised as legitimate documents. The malware involved in the operation has been identified as Astaroth, a sophisticated information-stealing virus.
Explaining how the attack works, the CSA said threat actors initiate the process by sending victims ZIP files through WhatsApp, often under convincing pretexts such as work documents, invoices, or shared files. Once a user downloads and extracts the file on a Windows device, the Astaroth malware is installed without raising suspicion.
After installation, the malware secretly connects to WhatsApp Web, retrieves the victim’s contact list and automatically sends similar malicious messages to all contacts, allowing the virus to spread rapidly without the victim’s knowledge.
In the background, the malware carries out extensive data-harvesting operations. These include stealing banking login details, one-time passwords (OTPs), browser cookies and recording keystrokes. The stolen information can then be used by criminals to gain unauthorised access to bank accounts, compromise mobile money wallets, and carry out fraudulent transactions.
The Cyber Security Authority has urged the public to exercise extreme caution when opening files received through messaging platforms, even when they appear to come from known contacts.
Users are advised not to download or open suspicious attachments, to keep their devices updated with the latest security patches and antivirus software, and to immediately report any unusual activity on their accounts.
Anyone affected by the malware can reach out to engineers at the CSA for assistance via the contacts below:
- Email :report@csa.gov.gh
- Call:292
- SMS: 292
- Whatsapp: 0501603111
- Mobile App : CSA GHANA
Latest Stories
-
Multimedia Group vs. Kennedy Agyapong: Court adjourns defamation trial to February 11
2 minutes -
1,033 excavators now tracked as government tightens grip on illegal mining
9 minutes -
First Sky to build 50 churches nationwide by year-end as solar project advances
17 minutes -
Gov’t to roll out Land Banks Initiative to boost large-scale agriculture – Lands Minister
32 minutes -
WHO backs Ghana’s health reforms, pledges support
33 minutes -
Research in Accra shows 70% of couples struggling with childbirth due to male infertility — Dr Sefogah
46 minutes -
Asante Kotoko risk losing captain Samba O’Neil as contract talks drag on
56 minutes -
Ashanti Regional Minister visits Sofoline fire outbreak scene, assures victims of gov’t support
1 hour -
Metro Mass spare parts stuck at port for 2 years – Cezario Kale
1 hour -
Ghana records over 63,000 road crash deaths since 1991 – NRSA
1 hour -
Wenchi District Court fines 5 mobile money fraudsters GH¢6,000 each
1 hour -
“Is it GTP or Printex?” — Charles Bissue slams claim Ken Agyapong is not presidential material
1 hour -
After 24 years in Parliament, why can’t he lead? – Charles Bissue on Kennedy Agyapong
1 hour -
NPP must elect flagbearer with national appeal to defeat NDC in 2028 – Adomako Kissi
1 hour -
Mahama using Akufo-Addo’s roadmap – Charles Bissue on galamsey fight
2 hours