Crypto holders in Brazil are being warned about a new, sophisticated hacking campaign involving a hijacking worm and a banking trojan, distributed through WhatsApp messages. According to Trustwave’s SpiderLabs, the malware—named Eternidade Stealer—is spread via social engineering tactics, including fake government programs, delivery notifications, messages from friends, or fraudulent investment groups.
How the Attack Works
Clicking the malicious link triggers a dual infection: the hijacking worm takes over the WhatsApp account, harvesting the victim’s contact list while skipping business contacts to target individuals efficiently. Simultaneously, the banking trojan installs Eternidade Stealer on the victim’s device, scanning for financial credentials across Brazilian banks, fintech apps, and crypto exchanges and wallets.
The malware is designed to evade detection by using a dynamic command-and-control (C2) system. Instead of relying on a fixed server, it retrieves instructions from a pre-set Gmail account, with a hardcoded fallback server if the email-based C2 is unreachable. This allows hackers to update commands remotely, maintain persistence, and avoid network-level takedowns.
Brazil’s Crypto Vulnerability
Brazil ranks fifth globally in Chainalysis’ 2025 Global Crypto Adoption Index, making it a prime target for such attacks. High adoption levels combined with the popularity of WhatsApp make the country particularly vulnerable to malware campaigns targeting crypto holders.
Protective Measures
Users are advised to exercise caution with any links received via WhatsApp, even from trusted contacts. Confirming links through alternate messaging apps, keeping devices and software up to date, and using anti-virus programs can help mitigate risks. Victims of the malware should immediately freeze access to banking and crypto accounts and track any unauthorized transactions to assist exchanges or authorities in recovering stolen assets.
This attack highlights the growing sophistication of cybercriminals targeting crypto users and emphasizes the importance of vigilance in digital communications.