Stealer in the status bar. [Research Saturday]

CyberWire Daily

N2K Networks, Inc.

News, Daily News, Tech News, Technology

4.8 • 1.1K Ratings

🗓️ 14 February 2026

⏱️ 16 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Today we have Ziv Mador, VP of Security Research from LevelBlue SpiderLabs discussing their work on "SpiderLabs IDs New Banking Trojan Distributed Through WhatsApp." Researchers at LevelBlue SpiderLabs have identified a new Brazilian banking Trojan dubbed Eternidade Stealer, spread through WhatsApp hijacking and social engineering campaigns that use a Python-based worm to steal contacts and distribute malicious MSI installers. The Delphi-compiled malware targets Brazilian victims, profiles infected systems, dynamically retrieves its command-and-control server via IMAP email, and deploys banking overlays to harvest credentials from financial institutions and cryptocurrency platforms. The campaign reflects the continued evolution of Brazil’s cybercrime ecosystem, combining WhatsApp propagation, geofencing, encrypted C2 communications, and process injection to maintain stealth and persistence. The research can be found here: SpiderLabs IDs New Banking Trojan Distributed Through WhatsApp Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the Cyberwire Network, powered by N2K.
0:09.7	Identity is a top attack vector.
0:14.5	In our interview with Kvita Maria Pan from Rubrik, she breaks down why 90% of security leaders
0:20.8	believe that identity-based attacks are
0:22.9	their biggest threat. Throughout this conversation, we explore why recovery times are getting longer,
0:28.2	not shorter, and what resiliency will look like in this AI-driven world. If you're struggling to get
0:34.2	a handle on identity risk, this is something you should tune into.
0:38.1	Check out the full interview at thecyberwire.com slash rubric.
0:52.0	Maybe that's an urgent message from your CEO, or maybe it's a deep fake trying to target your business.
0:59.7	Dopple is the AI-native social engineering defense platform fighting back against impersonation and manipulation.
1:07.4	As attackers use AI to make their tactics more sophisticated, Dopple uses it to fight back,
1:13.5	from automatically dismantling cross-channel attacks to building team resilience and more.
1:19.3	Dopple, outpacing what's next in social engineering.
1:23.1	Learn more at Dopple.com.
1:25.6	That's do p-p-el.com. That's do P-P-P-E-L.com.
1:28.4	Hello, everyone, and welcome to the CyberWires Research Saturday. I'm Dave Bittner and this is our weekly
1:45.8	conversation with researchers and analysts tracking down the threats and vulnerabilities, solving
1:51.3	some of the hard problems and protecting ourselves in a rapidly evolving cyberspace. Thanks for
1:57.2	joining us.
2:06.6	When I noticed an unusual connection, someone was trying to run some PowerShell script
2:09.6	in the environment of one of our clients,
2:11.6	and that triggered our attention.
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.