Audio By Carbonatix
The Cyber Security Authority (CSA) has uncovered a dangerous cyber attack scheme in which criminals are exploiting WhatsApp Web to steal banking credentials and one-time passwords (OTPs), including mobile money verification codes, from unsuspecting users in Ghana.
According to the CSA, the attack primarily targets Windows computer users through malicious ZIP files sent via WhatsApp messages and disguised as legitimate documents. The malware involved in the operation has been identified as Astaroth, a sophisticated information-stealing virus.
Explaining how the attack works, the CSA said threat actors initiate the process by sending victims ZIP files through WhatsApp, often under convincing pretexts such as work documents, invoices, or shared files. Once a user downloads and extracts the file on a Windows device, the Astaroth malware is installed without raising suspicion.
After installation, the malware secretly connects to WhatsApp Web, retrieves the victim’s contact list and automatically sends similar malicious messages to all contacts, allowing the virus to spread rapidly without the victim’s knowledge.
In the background, the malware carries out extensive data-harvesting operations. These include stealing banking login details, one-time passwords (OTPs), browser cookies and recording keystrokes. The stolen information can then be used by criminals to gain unauthorised access to bank accounts, compromise mobile money wallets, and carry out fraudulent transactions.
The Cyber Security Authority has urged the public to exercise extreme caution when opening files received through messaging platforms, even when they appear to come from known contacts.
Users are advised not to download or open suspicious attachments, to keep their devices updated with the latest security patches and antivirus software, and to immediately report any unusual activity on their accounts.
Anyone affected by the malware can reach out to engineers at the CSA for assistance via the contacts below:
- Email :report@csa.gov.gh
- Call:292
- SMS: 292
- Whatsapp: 0501603111
- Mobile App : CSA GHANA
Latest Stories
-
Sahara Group commissions 40,000cbm Asharami Ghana LPG vessel to advance clean energy access in Ghana
1 minute -
Ghana’s Ambassador to Côte d’Ivoire marks 69th independence day with call to ‘build prosperity and restore hope’
3 minutes -
COCOBOD to distribute 27,000 sprayers and 89,000 PPE sets to cocoa farmers
12 minutes -
Ntim Fordjour accuses NDC of ‘double standards’ over presidential travel
18 minutes -
Israel–Iran war shakes global insurance industry; Ghana may face heavy impact – Dr Kingsley Agyemang
20 minutes -
DJ Mensah calls for national support for Rapperholic UK as Sarkodie eyes O2 Arena
23 minutes -
COCOBOD disburses GH¢4.2bn to Licensed Buying Companies to settle cocoa farmers’ arrears
25 minutes -
Rebecca Ekpe launches mentorship programme for young journalists and digital creators
26 minutes -
Home Support: How we can use Ghanaians living in the diaspora to form supporter groups for the 2026 World Cup and save millions
33 minutes -
NPP communicator, Senyo Amekplenu seeks audit service expenditure details under RTI
39 minutes -
British man charged in Dubai for alleged filming of Iranian missiles
41 minutes -
The mirage of president’s special initiatives – Mahama’s “Legacy Projects”, or another monuments of waste?
43 minutes -
British man charged in Dubai for alleged filming of Iranian missiles
44 minutes -
The digital mirage and Cedi’s grave: Unmasking one million coders facade
1 hour -
Northshore Apparel Ghana Ltd partners with Coats Digital to launch regenerative apparel manufacturing hub
1 hour