Cybersecurity researchers discovered that the Ethernidade Stealer banking trojan is spreading through WhatsApp in Brazil. It is sophisticated malware that only affects desktop systems.
Popular messaging apps are used to infiltrate the financial information of unsuspecting users. If you have saved your bank information in the messaging platform, you'd better delete it from the chats as early as now.
WhatsApp as a Malware Vector
According to Infosecurity Magazine, Brazilian cyber threat actors have turned WhatsApp into a tool to spread the Ethernidade Stealer. Their attack starts with an obfuscated VBScript, which then loads a Python-based WhatsApp worm.
The latter automatically sends messages, steals the contacts list, and publishes files to create a consistent way of spreading the trojan.
Targeted Delivery and System Requirements
The installer of Delphi-based Ethernidade Stealer is designed to run on a system that has Brazilian Portuguese as its display language.
After deployment, the stealer primarily targets sensitive information from popular banking apps like Santander, Itaú, Caixa, and Bradesco, and financial platforms like Binance and MercadoPago.
Advanced Trojan Capabilities
Eternity Stealer is much more than a simple banking trojan: dynamic command-and-control discovery, WhatsApp contact theft, process hollowing, and antivirus evasion are among some of the capabilities included within this malware. The malware can also collect detailed host information and browser window data that permit highly targeted financial theft by attackers.
Global Desktop Systems Could Still Be Affected
While the campaign focuses on Brazil, researchers at Trustwave SpiderLabs have pointed out that the impacts are wider, SC Media reported. Desktop systems worldwide may be in danger, particularly those with WhatsApp installed and running scripts from unknown sources.
Experts recommend that cybersecurity defenders and general users be wary of any suspicious WhatsApp activity, execution of unknown scripts, or MSI files. Don't click any unknown links in your inbox. A single click could cost your lifelong collection of data to be wiped out. In the worst-case scenario, your hard-earned money can be stolen in the blink of an eye.
Just recently, we reported that 3.5 billion users' data were leaked in a WhatsApp security flaw.
Originally published on Tech Times
