A recent research brief shows that a new malware campaign dubbed SORVEPOTEL is using WhatsApp to spread autonomously across Windows systems by sending infected ZIP files to the contacts of compromised accounts. The malware hijacks active WhatsApp Web sessions to propagate itself and then deploys payloads aimed at financial institutions and crypto platforms. This move underscores how communication apps are being weaponized as propagation vectors in mobile-centered attack chains.
Read the full report here.
