Self-Propagating Malware Spreads Through WhatsApp - 1

Image by Brett Jordan, from Unsplash

Self-Propagating Malware Spreads Through WhatsApp

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

A new malware campaign is rapidly spreading through WhatsApp in Brazil.

In a rush? Here are the quick facts:

  • Targets mainly enterprises, including government and public service organizations.
  • Malware hijacks WhatsApp Web to send itself automatically to contacts.
  • Infection starts via phishing messages or emails with disguised ZIP files.

Named SORVEPOTEL, the malware uses ZIP file attachments to infect Windows computers and then hijacks WhatsApp accounts to send itself to all contacts, as first discovered by Trend Micro Researchers.

The method enables fast distribution between users who need to perform only minimal actions.

According to Trend Micro, “SORVEPOTEL has been observed to spread across Windows systems with a message that requires users to open it on a desktop, suggesting that threat actors behind the campaign are targeting enterprises.”

The majority of detected cases amount to 457 out of 477 which have occurred in Brazil and impacted government institutions and public services and manufacturing and technology and education and construction organizations.

The infection starts when a person opens a phishing email which seems to be from their contact list. The message contains a ZIP file that masquerades as a receipt or budget document or health-related document. It encourages the user to “baixa o zip no PC e abre” (download the ZIP on PC and open it).

The attackers have used phishing emails which seem to originate from authentic email addresses with two different subject lines: “Documento de Rafael B” and “Extrato.”

The ZIP file contains a Windows shortcut (.LNK) file which executes when opened to download malware from attacker-controlled domains without user interaction. The malware creates persistence by running automatically at startup and uses active WhatsApp sessions to distribute itself to all contacts and groups which frequently leads to account bans for spam activities.

The Trend Micro analysis shows that the attackers want to spread their malware across multiple systems instead of trying to penetrate deep into the system. The Brazilian government has employed these methods in previous election campaigns to attack financial information.

Users and organizations need to disable auto-downloads on WhatsApp and manage file transfers while boosting their security knowledge. The Trend Micro team actively tracks this campaign to detect any future occurrences.

OpenAI’s Sora App Sparks Misinformation Concerns - 2

Image by Jonathan Kember, from Unsplash

OpenAI’s Sora App Sparks Misinformation Concerns

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

OpenAI’s new social media app, Sora, is raising concerns over potential misuse.

In a rush? Here are the quick facts:

  • Cameo feature inserts avatars of users, contacts, or public figures.
  • Draft videos lacked visible watermarks, allowing easy screen recording.
  • Experts warn Sora could be misused for scams, bullying, misinformation.

Sora enables users to produce authentic AI video content through text inputs which display as TikTok-like AI-generated video clips.

Bloomberg reporter Rachel Metz successfully generated videos which made her manager appear to perform outrageous actions such as employee dismissals and car destruction during her first attempts.

She said the clips “could easily cause someone to lose their job, and it only took me a few minutes to create them using OpenAI’s latest product.”

The app features Cameo as a tool which enables users to embed realistic digital versions of themselves and their contacts and public figures including OpenAI co-founder Sam Altman into video content. The feature exists for creating humorous memes yet users can use it to generate realistic fake video content.

Rachel Tobac, CEO of SocialProof Security, warned the app could be used for scams, bullying, and spreading misinformation. She said, “It creates a strange sense of plausible deniability while at the same time also creating fake evidence,” as reported by Bloomberg.

OpenAI recognized the potential dangers through their statement which stated that “Our usage policies prohibit misleading others through impersonation, scams, or fraud, and we take action when we detect misuse,” reported Bloomberg. The company implemented watermarking technology for draft clips during their development of new solutions to stop users from recording draft content which did not have AI detection at that time.

Social media content creation has taken a new path through Sora because AI-generated content now appears frequently on social media platforms.

Meta Platforms’ recent launch of a similar AI video feed called Vibes shows the competition to boost engagement, but also underscores broader concerns about the “muddying” of the information ecosystem. Bloomberg reported that Tobac said, “It will lead to a lot of the enshittification of social media”.

AI video applications gain more users but experts state that platforms need to find a balance between user interaction and safety measures and clear disclosure practices and false information prevention.