London Daily

Focus on the big picture.
Thursday, Jul 10, 2025

WhatsApp attack: 'Tens of thousands' fall victim to Russian voice message ambush

WhatsApp attack: 'Tens of thousands' fall victim to Russian voice message ambush

A phishing attack designed to look like a WhatsApp voice message has already compromised tens of thousands of email accounts.

The tried-and-tested attack method appears to be a harmless email containing a link to a WhatsApp voice message.

But anyone clicking on the link is taken to a malicious website that attempts to install a virus on the victim’s device.

Cyber security researchers at California-based Armorblox report that nearly 28,000 mailboxes – across both Gmail and Microsoft’s Outlook program have been impacted by the ambush.

More worryingly, the company says the email attack comes from a valid Russian-based domain.

The experts say the ‘mailman.cbddmo.ru,’ domain is associated with an organisation known as the ‘Center for Traffic Safety of the Moscow Region’ – which is a part of the Russian Ministry of Internal Affairs.

The phishing email contains the subject line ‘New Incoming Voicemessage’ and is supposedly from a WhatsApp Notifier function.

The fake WhatsApp email containing a dangerous link


The security researchers say that, although it looks authentic, it’s actually a trick.

‘Upon clicking the “Play” link in the email, recipients were redirected to a page that attempts to install a trojan horse JS/Kryptik,’ explained Lauryn Cash from Armorblox.

‘This is a malicious obfuscated JavaScript code embedded in HTML pages that redirects the browser to a malicious URL and implements a specific exploit.’

‘The Armorblox research team was able to observe this attack on multiple customer tenants across Office 365 and Google Workspace. The potential total attack exposure was close to 28K mailboxes.’

Targeting WhatsApp users and zeroing in on voice messages make sense given the staggering amount of users the service has.


What is phishing, and why is it called phishing?
A Royal Mail scam has been making the rounds.

Phishing is the term applied to kind of electronic communications scam that aims to obtain private information, or to spread harmful malware, via the recipient.

The phenomenon takes its name from fishing due to the parallels in unaware targets being reeled in by bait.

The term was coined around 1996, according to Computer World, as internet scammers began using e-mail lures, setting out hooks to fish for passwords and financial data from the sea of Internet users.

Hackers commonly replace the letter f with ph, a nod to the original form of hacking known as phone phreaking.


Every day on WhatsApp, over 7 billion voice notes are sent back and forth as voice messages provide a quick alternative to a phone call.


Voice messages are especially preferred by older family members who want to avoid typing or even communicating in another language.

Obviously, if you see this email (or one that looks like it) land in your inbox, don’t click the link.

Newsletter

Related Articles

0:00
0:00
Close
Severe Heatwave Claims 2,300 Lives Across Europe
NVIDIA Achieves Historic Milestone as First Company Valued at $4 Trillion
Declining Beer Consumption Signals Cultural Shift in Germany
Linda Yaccarino Steps Down as CEO of X After Two Years
US Imposes New Tariffs on Brazilian Exports Amid Political Tensions
Azerbaijan and Armenia are on the brink of a historic peace deal.
Emails Leaked: How Passenger Luggage Became a Side Income for Airport Workers
Polish MEP: “Dear Leftists - China is laughing at you, Russia is laughing, India is laughing”
BRICS Expands Membership with Indonesia and Ten New Partner Countries
Weinstein Victim’s Lawyer Says MeToo Movement Still Strong
U.S. Enacts Sweeping Tax and Spending Legislation Amid Trade Policy Shifts
Football Mourns as Diogo Jota and Brother André Silva Laid to Rest in Portugal
Labour Expected to Withdraw Support for Special Needs Funding Model
Leaked Audio Reveals Tory Aide Defending DEI Record
Elon Musk Founds a Party Following a Poll on X: "You Wanted It – You Got It!"
London Stock Exchange Faces Historic Low in Initial Public Offerings
A new online platform has emerged in the United Kingdom, specifically targeting Muslim men seeking virgin brides
Trump Celebrates Independence Day with B-2 Flyover and Signs Controversial Legislation
Boris Johnson Urges Conservatives to Ignore Farage
SNP Ordered to Update Single-Sex Space Guidance Within Days
Starmer Set to Reject Calls for Wealth Taxes
Stolen Century-Old Rolls-Royce Recovered After Hotel Theft
Macron Presses Starmer to Recognise Palestinian State
Labour Delayed Palestine Action Ban Over Riot Concerns
Swinney’s Tax Comments ‘Offensive to Scots’, Say Tories
High Street Retailers to Enforce Bans on Serial Shoplifters
Music Banned by Henry VIII to Be Performed After 500 Years
Steve Coogan Says Working Class Is Being ‘Ethnically Cleansed’
Home Office Admits Uncertainty Over Visa Overstayer Numbers
JD Vance Questions Mandelson Over Reform Party’s Rising Popularity
Macron to Receive Windsor Carriage Ride in Royal Gesture
Labour Accused of ‘Hammering’ Scots During First Year in Power
BBC Head of Music Stood Down Amid Bob Vylan Controversy
Corbyn Eyes Hard-Left Challenge to Starmer’s Leadership
London Tube Trains Suspended After Major Fire Erupts Nearby
Richard Kemp: I Felt Safer in Israel Under Attack Than in the UK
Cyclist Says Police Cited Human Rights Act for Riding No-Handed
China’s Central Bank Consults European Peers on Low-Rate Strategies
AI Raises Alarms Over Long-Term Job Security
Saudi Arabia Maintains Ties with Iran Despite Israel Conflict
Musk Battles to Protect Tesla Amid Trump Policy Threats
Air France-KLM Acquires Majority Stake in Scandinavian Airlines
UK Educators Sound Alarm on Declining Child Literacy
Shein Fined €40 Million in France Over Misleading Discounts
Brazil’s Lula Visits Kirchner During Argentina House Arrest
Trump Scores Legislative Win as House Passes Tax Reform Bill
Keir Starmer Faces Criticism After Rocky First Year in Power
DJI Launches Heavy-Duty Coaxial Quadcopter with 80 kg Lift Capacity
U.S. Senate Approves Major Legislation Dubbed the 'Big Beautiful Bill'
Largest Healthcare Fraud Takedown in U.S. History Announced by DOJ
×