Cybersecurity experts have identified a sophisticated malware campaign targeting WhatsApp users in Brazil, designed to steal banking credentials and cryptocurrency exchange logins. The attack, which began on September 29, 2025, exploits social engineering by sending infected messages from compromised contacts, prompting victims to download malicious ZIP files that disable security measures and deploy a banking trojan. This self-propagating malware leverages WhatsApp’s popularity, leading to an exponential spread among users. The incident underscores the evolving cyber threat landscape, emphasizing the necessity for heightened security awareness and robust defenses against such intricate attacks, particularly on widely used messaging platforms like WhatsApp, which is integral to both personal and business communications in Brazil.