TechFlow news, November 20 — According to Cointelegraph, Trustwave's cybersecurity research team SpiderLabs has released a new report revealing that a banking trojan named "Eternidade Stealer" is spreading widely across Brazil via WhatsApp. Attackers are using social engineering tactics such as fake government program notifications, courier alerts, and investment group invitations to trick users into clicking malicious links.
Once clicked, the malware simultaneously infects the device and hijacks the user's WhatsApp account, automatically spreading to the victim's contact list. The trojan can scan and steal login credentials from multiple Brazilian banks, fintech firms, and cryptocurrency exchanges.
To avoid detection, the malware uses a preset Gmail account to receive commands instead of connecting to a fixed server address. Security experts advise users to remain cautious of any links, even if they appear to come from trusted contacts, and to keep their software updated to defend against such attacks.
