Researchers have identified a new self-propagating malware campaign dubbed SORVEPOTEL, primarily targeting users in Brazil through the messaging app WhatsApp. This malware spreads via phishing messages that contain malicious ZIP file attachments, which when opened on a desktop, hijack the compromised WhatsApp account to send copies of the malware to the victim’s contacts. The attack is characterized by its focus on rapid propagation rather than data theft or ransomware, indicating a potential shift in cybercriminal tactics aimed more at creating widespread disruption. Most infections have been observed in sectors such as government, technology, and construction, with 457 out of 477 cases reported in Brazil. The broader significance of this malware outbreak lies in its exploitation of social trust and the growing reliance on messaging platforms for communication, raising concerns about cybersecurity and the need for robust defenses against evolving threats in digital communication networks. This incident underscores the vulnerability of even widely used applications and emphasizes the importance of vigilance among users in safeguarding their accounts against such sophisticated cyber threats.