Eternidade Stealer: WhatsApp-Based Banking Trojan Targets Users

Trustwave SpiderLabs researchers have identified a new banking Trojan, Eternidade Stealer, distributed through WhatsApp hijacking and social engineering. The malware uses IMAP to dynamically retrieve C2 addresses and employs a Python script for WhatsApp propagation. It targets users in a specific region, focusing on banking, fintech, and cryptocurrency applications. The campaign showcases evolving tactics, including dynamic C2 retrieval and geofencing.