Cybersecurity researchers have detailed the ‘Boto Cor-de-Rosa’ campaign, which utilizes WhatsApp as a primary distribution vector for the Windows banking trojan Astaroth, primarily targeting users in Brazil. The malware’s core mechanism involves compromising a victim’s system, harvesting their WhatsApp contact list, and automatically initiating malicious message distribution to every contact, thereby facilitating rapid, trust-based P2P propagation. While Astaroth traditionally targets conventional banking credentials, this highly effective distribution model presents a critical concern for the Web3 space. Many Web3 users store sensitive assets, including private keys and wallet access methods, on the same Windows environments targeted by Astaroth. Furthermore, the automated, high-trust spreading technique serves as a potent blueprint for future malware deployments aimed at decentralized identity systems or secure messaging layers within the dApp ecosystem. The efficacy of leveraging social trust for malware dissemination demands heightened vigilance from all Web3 infrastructure developers.
Source: WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto-Messaging
コメント