Promotion of Best CFD Trading Platform

Brazilian Crypto Users Beware: WhatsApp Worm Threat

Cryptocurrency holders in Brazil are urged to exercise extreme caution due to a sophisticated hacking campaign involving a hijacking worm and a banking trojan being spread through WhatsApp messages. According to a new report from Trustwave’s SpiderLabs cybersecurity research team, the banking trojan, dubbed “Eternidade Stealer,” is being disseminated via social engineering tactics on WhatsApp, including “fake government programs, delivery notifications,” messages from compromised contacts, and fraudulent investment schemes.

SpiderLabs researchers Nathaniel Morales, John Basmayor, and Nikita Kazymirskyi stated, “WhatsApp remains one of the most exploited communication channels in Brazil’s cybercrime landscape. Over the past two years, malicious actors have refined their tactics, leveraging the platform's widespread popularity to distribute banking trojans and information-stealing malware.”

How the Worm and Trojan Operate

In simple terms, clicking the worm link in WhatsApp triggers a chain reaction, infecting the victim with both the worm and the banking trojan. The worm hijacks the user's account and retrieves their contact list. It then employs “smart filtering” to ignore business contacts and groups, focusing on individual contacts for a more streamlined operation.

Simultaneously, the banking trojan, a file automatically downloaded onto the victim's device, deploys the Eternidade Stealer in the background. This trojan scans for financial data and login credentials for a range of Brazilian banks, fintech companies, and cryptocurrency exchanges and wallets.

Evading Detection

The malware employs a clever method to avoid detection or takedown. Instead of relying on a fixed server address, it uses a pre-set Gmail account to check for new commands via email. This allows the hackers to alter commands by sending new emails.

“A notable feature of this malware is its use of hardcoded credentials to log into its email account, from which it fetches its C2 server. This represents a remarkably intelligent approach to updating its C2, maintaining persistence, and avoiding network-level detection or takedowns. If the malware fails to connect to the email account, it resorts to a hardcoded fallback C2 address,” the report detailed.

Staying Safe

Users of apps like WhatsApp are advised to be wary of any links sent to them, even if from a trusted contact. A useful strategy is to verify the link's legitimacy with the sender through a separate communication channel. Be especially suspicious of links sent unexpectedly with limited context.

Keeping software up-to-date can also help protect against vulnerabilities targeted by older versions, and anti-virus software can potentially flag suspicious activity.

If a user suspects their account has been compromised, it is crucial to immediately freeze all potential access points to banking and crypto services to mitigate losses. Tracking fund movements can also assist exchanges, researchers, or authorities in tracing the flow of stolen assets, potentially enabling them to freeze hacker-controlled wallets.


Risk Warning: This article is provided for informational purposes only and does not constitute investment advice, investment research, or a recommendation to trade. The views expressed are those of the author and do not necessarily reflect the position of Markets.com. When considering shares, indices, forex (foreign exchange), and commodities for trading and price predictions, remember that trading CFDs involves a significant degree of risk and may not be suitable for all investors. Leveraged products can result in capital loss. Past performance is not indicative of future results. Before trading, ensure you fully understand the risks involved and consider your investment objectives and level of experience. Cryptocurrency CFD trading restrictions may apply depending on jurisdiction.

Latest news

sliver

Thursday, 2 July 2026

Indices

Silver Price Forecast: XAG/USD Rebounds Above $62 as Fed Bets Ease

oil

Thursday, 2 July 2026

Indices

WTI Oil Price Holds Near $69 as Weaker Dollar Supports Crude

gold

Thursday, 2 July 2026

Indices

Gold Price July 3: Spot Surges Past $4,120 on Weak Jobs Data

gold

Wednesday, 1 July 2026

Indices

Spot Gold Rebounds Above $4,000 as US Manufacturing Slows and Fed Shifts Messaging

oil

Wednesday, 1 July 2026

Indices

Crude Oil Prices Extend Post-War Slump as Supply Risks Fade and Hormuz Traffic Rebounds

U.S.-Non-Farm Payrolls

Wednesday, 1 July 2026

Indices

US Jobs Report Preview: Will June Payrolls Revive Fed Hike Bets?

Wednesday, 1 July 2026

Indices

Markets are carefully monitoring June US labor numbers today

bitcoin-price

Tuesday, 30 June 2026

Indices

Bitcoin Price Outlook: Could BTC Fall Toward $53,000 After Losing $60,000 Support?

oil

Tuesday, 30 June 2026

Indices

Brent Holds Above $73 as Iran Talks Uncertainty Offsets Hormuz Recovery

gold

Tuesday, 30 June 2026

Indices

Gold Price Today, July 1: Spot Gold Faces Worst Quarterly Loss in 13 Years