www.foxnews.com
A new WhatsApp Web attack leverages trusted conversations to distribute self-propagating ZIP files containing the Astaroth banking malware. Researchers tracking the campaign, dubbed “Boto Cor-de-Rosa,” are monitoring the delivery success rate. The malware operates by hijacking existing chat windows to send malicious attachments. When opened, the code executes and uses the victim’s account to spread further to their contacts, creating a rapid infection chain. The campaign exploits the inherent trust users have in messages from known sources. Security experts warn users to avoid downloading unexpected files, even from friends. The attackers use specific social engineering tactics to ensure the malware spreads unnoticed. By using ZIP files, they attempt to bypass standard email and messaging security scanners. The campaign remains active, targeting WhatsApp Web users globally.
Read More
