Eternidade Stealer Trojan Targets Brazil via Malicious WhatsApp Campaigns

SpiderLabs reports a new malware wave in Brazil, spread via WhatsApp, that combines worm and banking trojan capabilities to steal crypto wallet and financial account credentials.

Summary

SpiderLabs has identified a cyber campaign in Brazil that distributes a combined worm and banking trojan through WhatsApp messages to deploy the 'Eternidade Stealer' malware. This strain targets financial accounts and cryptocurrency wallets by harvesting credentials, hijacking accounts, and spreading to a victim’s contacts. The malware maintains persistence using a Gmail-based command and control (C2) infrastructure. Victims risk unauthorized access to banking, fintech, and crypto exchange accounts.

Terms & Concepts
  • Banking Trojan: A type of malicious software designed to capture banking credentials and financial information from infected devices.
  • Command and Control (C2): The system by which attackers communicate with and control compromised devices within a network, often used to issue commands or exfiltrate data.
  • Credential Theft: The unauthorized acquisition of usernames, passwords, or other login details, often used to access personal or financial accounts.