Cybercriminals Exploit WhatsApp to Steal Crypto from Brazilians

38 minutes ago by · 2 mins read
an image

Eternidade Stealer, a worm and banking trojan, is targeting Brazilian crypto holders through WhatsApp.

Brazilian crypto holders are being targeted by a hijacking worm and banking trojan spread through WhatsApp.

The malicious messages may appear as “fake government programs” or even come from a friend, so users should stay alert and avoid clicking suspicious links.

Rise in WhatsApp Scams Threatens Brazil’s Crypto Community

SpiderLabs, the cybersecurity research team of Trustwave, released a report detailing the operation of the banking trojan dubbed “Eternidade Stealer.”

The report states that the banking trojan is being spread via social engineering on messaging apps, especially WhatsApp. It appears as fake government programs, delivery notifications, messages from friends, or fraudulent investment groups.

When a crypto user clicks the worm link on WhatsApp, they set off a chain reaction that infects them with both the worm and the banking trojan.

Once the file is downloaded, it scans a user’s device for financial data, which it uses to siphon their crypto assets. As a result, Brazilian crypto holders have been advised to remain vigilant, avoiding suspicious links at all costs.

Over the last few months, there has been a notable increase in the volume of exploits, hacks, and scams within the crypto space.

However, SpiderLabs researchers noted that “WhatsApp continues to be one of the most exploited communication channels in Brazil’s cybercrime ecosystem.”

Crypto Hackers Leverage Sophisticated Tactics

In their report, Nathaniel Morales, John Basmayor, and Nikita Kazymirskyi explained further how these bad actors have refined their exploitation tactics over the last two years.

Their use of WhatsApp to distribute banker trojans and information-stealing malware comes from the platform’s immense popularity among residents of the country.

Other experts would agree that cybercriminals have switched to more sophisticated tactics over the years.

Related article: Secret Exchange Inside HTX Linked to $10B Scam Network

ZachXBT, an onchain investigator, caught sight of a bad actor who siphoned $3 million in digital assets from a US citizen.

He then swapped the stolen funds via Bridgers and went as far as utilizing over-the-counter (OTC) venues tied to Huione to launder the assets.

On September 12, the Shibarium bridge was hacked, and the perpetrators carted away with more than $4 million in crypto assets.

The attack leveraged a flash loan, which helped in compromising validator signing keys, giving the hacker access and control over the protocol.

Overall, the Shibarium bridge hacker siphoned up to 4.6 million BONE.

Share:

Related Articles

66 Crypto Organizations Urge Trump for Immediate Tax Clarity and Developer Protections

By November 20th, 2025

Coalition led by Solana Policy Institute demands federal agencies act on staking tax rules, temporary legal protections for DeFi projects, and Roman Storm case dismissal without requiring new legislation.

Crypto Lending Hits $73.6B Record as DeFi Captures Two-Thirds of Market

By November 20th, 2025

Outstanding crypto loans in Q3 2025 surpassed the 2021 peak by 6%, with onchain lending now holding 66.9% market share versus 48.6% four years ago

ChatGPT Suggests You Buy These 3 Cryptocurrencies Before Black Friday

By November 20th, 2025

Three altcoins with real catalysts that could fuel a holiday-season rebound.

Exit mobile version