Article Details

Hackers Hijack WhatsApp To Steal Users’ Passwords and Drain Bank Accounts: Report

Cybersecurity researchers say hackers are manipulating WhatsApp to steal people’s banking credentials.

The researchers have discovered a banking trojan affecting people who use WhatsApp Web.

The malware infects Windows computers when victims open malicious ZIP files received in messages.

This triggers a script that downloads the main payload, which then takes unauthorized control of the victim’s WhatsApp Web session on the infected machine, allowing it to harvest contacts and send malicious files to them without breaching WhatsApp’s servers.

The payload deploys two distinct modules that run in parallel: a classic banking trojan for stealing credentials and a separate module that transforms the infected machine into a self-spreading worm.

Named “Boto Cor-de-Rosa” by Acronis Threat Research Unit, the campaign is initially targeting Brazilians, using culturally tailored Portuguese messages like “Bom dia” to lure clicks.

Once installed, the Delphi-based Trojan steals credentials from banking sites.

Users should avoid unknown attachments and enable multi-factor authentication.

&nbsp

Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any losses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any cryptocurrencies or digital assets, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.

Generated Image: Midjourney

The post Hackers Hijack WhatsApp To Steal Users’ Passwords and Drain Bank Accounts: Report appeared first on The Daily Hodl.