Particle.news
Download on the App Store
3 ARTICLES
·
10h ago

Trend Micro Flags New ‘SORVEPOTEL’ Malware Spreading via WhatsApp Web

The Windows-targeting threat arrives in ZIP shortcuts, installs via PowerShell, then auto-forwards from compromised desktops.

Alerta por virus informático que se esparce por WhatsApp Web
Image
Detectan malware que se propaga por WhatsApp en países de América Latina

Overview

  • Trend Micro reported 477 infections linked to SORVEPOTEL, with 457 detections in Brazil.
  • Infection starts with a phishing message carrying a ZIP that hides a .LNK file, which triggers a PowerShell download and installation.
  • Once active, the malware detects WhatsApp Web sessions and automatically resends the infected file to contacts and groups.
  • Analysts have not confirmed data theft or file encryption to date, though some reports allege banking credential capture using fake overlays.
  • Experts urge disabling auto-downloads in WhatsApp, avoiding unexpected ZIPs, enforcing corporate file-transfer controls, and keeping systems and antivirus up to date.