According to a report by Cointelegraph, hackers in Brazil are spreading a worm-banking trojan combination via WhatsApp, delivering "Eternidade Stealer" to steal login information from crypto wallets and financial accounts. The worm hijacks accounts and intelligently filters groups and business contacts, spreading only to personal contacts; the trojan automatically downloads and runs, scanning local financial data and logging into multiple banks, exchanges, and wallets. This malware uses a pre-set Gmail account to obtain and update C2 commands, reverting to a hard-coded C2 response when a connection fails to connect, thus maintaining persistence and evading shutdown. The security team SpiderLabs advises caution when clicking on unfamiliar or suspicious links, and to immediately freeze access to banks and crypto services if compromised.
A cryptographic data-stealing worm attack spread via WhatsApp has emerged in Brazil.
This article is machine translated
Show original
Source
Disclaimer: The content above is only the author's opinion which does not represent any position of Followin, and is not intended as, and shall not be understood or construed as, investment advice from Followin.
Like
Add to Favorites
Comments
Share
Relevant content
