Key Notes
- Brazilian crypto holders are being targeted by the Eternidade Stealer banking Trojan via WhatsApp.
- Clicking malicious links allows the malware to steal financial data and crypto assets.
- Cybercriminals are using increasingly sophisticated tactics to exploit messaging apps and launder stolen funds.
Brazilian crypto holders are being targeted by a hijacking worm and banking trojan spread through WhatsApp.
The malicious messages may appear as “fake government programs” or even come from a friend, so users should stay alert and avoid clicking suspicious links.
Rise in WhatsApp Scams Threatens Brazil’s Crypto Community
SpiderLabs, the cybersecurity research team of Trustwave, released a report detailing the operation of the banking trojan dubbed “Eternidade Stealer.”
The report states that the banking trojan is being spread via social engineering on messaging apps, especially WhatsApp. It appears as fake government programs, delivery notifications, messages from friends, or fraudulent investment groups.
When a crypto user clicks the worm link on WhatsApp, they set off a chain reaction that infects them with both the worm and the banking trojan.
Once the file is downloaded, it scans a user’s device for financial data, which it uses to siphon their crypto assets. As a result, Brazilian crypto holders have been advised to remain vigilant, avoiding suspicious links at all costs.
Over the last few months, there has been a notable increase in the volume of exploits, hacks, and scams within the crypto space.
However, SpiderLabs researchers noted that “WhatsApp continues to be one of the most exploited communication channels in Brazil’s cybercrime ecosystem.”
Crypto Hackers Leverage Sophisticated Tactics
In their report, Nathaniel Morales, John Basmayor, and Nikita Kazymirskyi explained further how these bad actors have refined their exploitation tactics over the last two years.
Their use of WhatsApp to distribute banker trojans and information-stealing malware comes from the platform’s immense popularity among residents of the country.
Other experts would agree that cybercriminals have switched to more sophisticated tactics over the years.
ZachXBT, an onchain investigator, caught sight of a bad actor who siphoned $3 million in digital assets from a US citizen.
He then swapped the stolen funds via Bridgers and went as far as utilizing over-the-counter (OTC) venues tied to Huione to launder the assets.
On September 12, the Shibarium bridge was hacked, and the perpetrators carted away with more than $4 million in crypto assets.
The attack leveraged a flash loan, which helped in compromising validator signing keys, giving the hacker access and control over the protocol.
Overall, the Shibarium bridge hacker siphoned up to 4.6 million BONE.
next
Disclaimer: Coinspeaker is committed to providing unbiased and transparent reporting. This article aims to deliver accurate and timely information but should not be taken as financial or investment advice. Since market conditions can change rapidly, we encourage you to verify information on your own and consult with a professional before making any decisions based on this content.
Benjamin Godfrey is a blockchain enthusiast and journalist who relishes writing about the real life applications of blockchain technology and innovations to drive general acceptance and worldwide integration of the emerging technology. His desire to educate people about cryptocurrencies inspires his contributions to renowned blockchain media and sites.
Godfrey Benjamin on X
Source: https://www.coinspeaker.com/cybercriminals-exploit-whatsapp-to-steal-crypto-from-brazilians/
