PANews reported on November 20th that, according to Cointelegraph , hackers in Brazil are spreading a worm - banking trojan combination via WhatsApp , delivering " Eternidade Stealer " to steal login information from cryptocurrency wallets and financial accounts. The worm hijacks accounts and intelligently filters groups and business contacts, spreading only to personal contacts; the trojan automatically downloads and runs, scanning local financial data and logging into multiple banks, exchanges, and wallets. This malware uses a pre-set Gmail account to obtain and update C2 commands, reverting to a hard-coded C2 connection when a connection fails to connect, thus maintaining persistence and evading logout. The security team SpiderLabs advises caution when clicking on unfamiliar or suspicious links, and to immediately freeze access to banks and cryptocurrency services if compromised.