On November 20, according to Cointelegraph, Trustwave's cybersecurity research team SpiderLabs reported that a banking trojan called "Eternidade Stealer" is spreading on a large scale in Brazil via WhatsApp.
Attackers used social engineering techniques, such as fake government program notifications, delivery messages, and investment groups, to trick users into clicking malicious links. Once clicked, the malware simultaneously infects the device and hijacks the WhatsApp account, automatically spreading to the victim's contact list. This trojan was able to scan and steal login credentials from multiple Brazilian banks, fintech companies, and cryptocurrency exchanges. To avoid detection, the malware used a pre-set Gmail account to receive commands instead of a fixed server address. Security experts advise users to be wary of any links, even from trusted contacts, and to keep their software updated to protect against such attacks.
