A new virus spreading through WhatsApp Web is putting entire computers and corporate networks at risk in Brazil. The attack, identified by researchers at Trend Micro Research, has been described as one of the most aggressive malware campaigns in recent years, precisely because it spreads using something millions of people trust: their conversations on WhatsApp.
Unlike classic scams that attempt to steal passwords or demand ransom for data, this malicious code — dubbed SORVEPOTEL — was designed to multiply in seconds. It exploits the simple act of opening a file sent by someone known to initiate a chain infection that can compromise everything from personal laptops to corporate servers.
The campaign, which researchers have named Water Saci, focuses almost entirely on Brazil, with over 95% of confirmed cases in the country. The tactic starts simply: a ZIP file arrives via message, appearing as a receipt, quote, or purchase order. The text is convincing enough to make the victim open the attachment on their computer, and that is where the damage begins.
As soon as the user executes the file, the virus triggers a PowerShell script that opens a covert connection to attacker-controlled servers. This script downloads additional instructions and executes them directly in the system's memory, bypassing antivirus and traditional security tools.
Then, a second stage injects code into legitimate Windows processes, ensuring that the malware remains active and invisible. Experts have discovered that it is capable of monitoring banking activities, copying data, and automatically sending new messages to all of the victim’s contacts — all through WhatsApp Web itself.
The speed of propagation is impressive. In just a few minutes, the virus replicates on multiple devices, turning the victim’s account into a spam-sending machine. The behavior is so aggressive that many accounts end up automatically blocked by WhatsApp due to excessive messages sent.
And the worst part: even with the block, the infection remains active on the computer, ready to be reactivated if the user reconnects their account.
Trend Micro's data is alarming: 457 of the 477 identified attacks occurred in Brazil, placing the country at the center of this new digital threat. Companies with BYOD (Bring Your Own Device) policies, which allow employees to use their own laptops at work, are among the most vulnerable. A single contaminated computer is enough to take down an entire corporate network, as the virus moves quickly between contacts and systems.
The attack combines social engineering with high-level automation. It does not rely on vulnerabilities in WhatsApp, but on the trust between people. The victim believes they are opening a legitimate document and, without realizing it, hands over total control of their computer to criminals.
To protect themselves, experts recommend following some simple, yet vital, steps:
- Never open ZIP attachments received via messages, even if they seem trustworthy;
- Download receipts and invoices only from official websites or corporate channels;
- Keep antivirus and Windows updated, especially with security patches;
- Avoid using WhatsApp Web on company computers or those containing sensitive data;
- And, in case of suspected infection, immediately disconnect from the internet and seek technical help.
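A ZIP that claims to be a receipt or quote should contain a document, not something Windows will run. The Python sketch below is an added example, not code from Trend Micro or from the article: it lists the entries of an archive without extracting it and flags executable types and decoy double extensions. The extension lists, the function names and the sample entries are assumptions constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumption: extensions Windows executes or interprets instead of displaying.
# Illustrative list, not taken from the article or from Trend Micro.
RISKY_EXTS = {".lnk", ".ps1", ".bat", ".cmd", ".vbs", ".js", ".hta",
              ".exe", ".scr", ".msi", ".dll", ".wsf"}
# Document-looking extensions used as a decoy, e.g. "receipt.pdf.lnk".
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}


def triage_zip(data: bytes) -> list[tuple[str, str]]:
    """Return (entry name, reason) for each archive member worth blocking."""
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return [("<archive>", "not a readable ZIP; treat as untrusted")]
    findings = []
    with archive:
        for info in archive.infolist():
            # Windows drops trailing dots and spaces, so "x.exe." still runs.
            name = info.filename.replace("\\", "/").rstrip(". ")
            suffixes = [s.lower() for s in PurePosixPath(name).suffixes]
            if info.is_dir() or not suffixes or suffixes[-1] not in RISKY_EXTS:
                continue
            decoy = len(suffixes) > 1 and suffixes[-2] in DECOY_EXTS
            reason = ("double extension hides " if decoy else "executable type ") + suffixes[-1]
            findings.append((info.filename, reason))
    return findings


def build_sample(entries: dict[str, bytes]) -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in entries.items():
            zf.writestr(name, body)
    return buf.getvalue()

# Constructed sample entries with placeholder bodies; none is a real payload.
SAMPLE = {
    "Comprovante.pdf": b"%PDF-1.4 constructed placeholder",
    "Orcamento.pdf.lnk": b"constructed placeholder, not a real shortcut",
    "docs/run.BAT": b"rem constructed placeholder",
}

if __name__ == "__main__":
    for name, reason in triage_zip(build_sample(SAMPLE)):
        print(f"BLOCK {name}: {reason}")
```

A check like this only inspects entry names, so it complements rather than replaces the antivirus and patching steps listed above.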
The Water Saci attack is more than just a common scam: it is a brutal reminder of how haste and trust can be the biggest security flaws in times of hyperconnectivity.
In today’s digital world, it takes just one wrong click to turn an innocent conversation into a corporate disaster.
