Eternidade Stealer: Brazil’s Cybercriminals Get Aggressive with WhatsApp Worms
Eternidade Stealer is shaking up Brazil’s cybercrime scene, using WhatsApp as a digital Trojan horse. This malware blends a WhatsApp-propagating worm, Delphi stealer and MSI dropper to target financial data. Its Brazilian Portuguese focus and Python-powered WhatsApp hijacking make it a uniquely local threat with global ambitions.
Hot Take:
Looks like Brazil’s cybercriminals just got a WhatsApp upgrade and are sliding into your DMs with more than just a “hey, how are you?” Now, they’re armed with a Trojan that’s more aggressive than your ex’s text messages and sneakier than a cat burglar at a blackout party. Welcome to the era of WhatsApp worm warfare!
Key Points:
- Eternidade Stealer is the newest banking Trojan in town, exploiting WhatsApp for both entry and spread.
- It utilizes a Python worm and Delphi-based stealer combo to swipe financial data and WhatsApp contacts.
- The campaign leverages VBScript for agile scripting and personalized WhatsApp messages.
- Hard-coded email credentials allow dynamic command-and-control retrieval via IMAP.
- Trustwave’s investigation revealed limited infections in Brazil but widespread international curiosity.
Already a member? Log in here