Brazil Hit by Banking Trojan Spread via WhatsApp Worm and RelayNFC NFC Relay Fraud

Updated on December 3, 2025

The threat actor known as Water Saci is actively evolving its tactics, switching to a sophisticated, highly layered infection chain that uses HTML Application (HTA) files and PDFs to propagate a worm that deploys a banking trojan via WhatsApp in attacks targeting users in Brazil.
The latest wave is characterized by the attackers shifting from PowerShell to a Python-based variant that spreads the…

Read the rest of the story at Read More

Source: The Hacker News

October 10, 2024 Uncategorized

Firefox Zero-Day Under Attack: Update Yo...

March 11, 2025 Uncategorized

Moxa Issues Fix for Critical Authenticat...

January 10, 2025 Uncategorized

Brazil Hit by Banking Trojan Spread via WhatsApp Worm and RelayNFC NFC Relay Fraud

Related posts

Firefox Zero-Day Under Attack: Update Yo...

Moxa Issues Fix for Critical Authenticat...

RedDelta Deploys PlugX Malware to Target...

Leave a Comment Cancel reply

Recent News

Featured Chrome Browser Extension Caught Intercepting Millions of Users’ AI Chats

FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE

⚡ Weekly Recap: Apple 0-Days, WinRAR Exploit, LastPass Fines, .NET RCE, OAuth Scams & More

A Browser Extension Risk Guide After the ShadyPanda Campaign

Phantom Stealer Spread by ISO Phishing Emails Hitting Russian Finance Sector

VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption

CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks

Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild

Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads

New Advanced Phishing Kits Use AI and MFA Bypass Tactics to Steal Credentials at Scale