Bad actors in Brazil are using WhatsApp to deliver a hijacking worm and banking trojan to target crypto wallets. The malware can harvest sensitive information related to the victim’s crypto exchange account and wallets. SpiderLabs has uncovered a major campaign involving the Eternidade Stealer that targets financial information, login data, and other sensitive details associated with banking portals, fintech apps, and crypto exchanges. The malware uses complex social engineering schemes through WhatsApp messages and groups to deliver the malicious payload. The worm can access the victim’s contact list and prevent detection by using hardcoded credentials to log into its email account. Brazilian crypto users are urged to remain alert as WhatsApp is a favored tool for social engineering-based malware campaigns. Scammers and bad actors are targeting Brazil due to its growing crypto adoption and lack of proper regulatory framework. Eternidade Stealer is an infostealer that silently monitors applications, extracts sensitive credentials, and activates fake overlays to harvest user data. Other threats targeting crypto wallets include ModStealer, which targeted wallets across macOS, Windows, and Linux environments, and malware that uses artificial intelligence to rewrite its own code in real time, making it harder to detect.
Leave a Reply