Loading Articles!

Unbelievable WhatsApp Spam Scheme: 131 Fake Extensions Targeting Brazil Exposed!

Marcus Brown
Marcus Brown
"This is wild! I can't believe how low some people will go for a quick buck."
Sophia Chen
Sophia Chen
"Are these extensions really that harmful? I thought they were just annoying!"
Derrick Williams
Derrick Williams
"I wonder how many people fell for this scam before it got exposed."
Hiroshi Nakamura
Hiroshi Nakamura
"This feels like something out of a tech thriller! What's next?"
Sofia Mendes
Sofia Mendes
"Spam in my WhatsApp? I’d be furious! How do we protect ourselves?"
Sophia Chen
Sophia Chen
"Why doesn’t WhatsApp do more to stop these kinds of scams?"
Rajesh Patel
Rajesh Patel
"I can’t even keep track of all the fake extensions anymore!"
Sergei Ivanov
Sergei Ivanov
"If only the real WhatsApp could send spam to these scammers instead!"
Lian Chen
Lian Chen
"This is a digital nightmare! Thanks for shedding light on this issue."
Isabella Martinez
Isabella Martinez
"I guess some people will do anything for a little profit, huh?"

2025-10-20T10:47:00Z

In a shocking revelation, cybersecurity experts have unveiled a massive campaign that hijacked over 131 clones of a WhatsApp Web extension on Google Chrome to unleash a torrent of spam on unsuspecting Brazilian users. Imagine your messaging app being turned into a spam factory—this is exactly what’s happening!

According to the supply chain security firm Socket, these 131 spamware extensions are more than just a nuisance; they share identical code, design, and infrastructure, boasting nearly 21,000 active users. As Kirill Boychenko, a security researcher at Socket, pointed out, these are not your typical malware programs. Instead, they’re high-risk spam automation tools that exploit platform rules.

So, how do they work their dubious magic? The malicious code is injected directly into WhatsApp Web, running parallel to WhatsApp's own scripts. This allows for bulk messaging and scheduling that cleverly dodges WhatsApp’s anti-spam measures. The ultimate goal? To flood users’ WhatsApp with messages while skirting around the platform's rate limits and spam defenses.

This ongoing campaign has reportedly been active for at least nine months, with fresh uploads and updates as recent as mid-October 2025. Among the most notorious extensions are YouSeller, which claims 10,000 users, along with others like performancemais and Botflow—all masquerading under different names and logos.

The mastermind behind this chaos seems to be a company named DBX Tecnologia, which offers a white-label program. This scheme allows affiliates to rebrand and resell the WhatsApp extension, promising eye-popping profits of up to R$84,000 with a modest investment of R$12,000. It’s a modern-day gold rush, but at what cost?

Unfortunately, this operation violates Google's Chrome Web Store policies, which prohibit multiple extensions that deliver duplicate functionality. The irony? DBX Tecnologia has even produced YouTube videos suggesting how to bypass WhatsApp’s anti-spam defenses using these very extensions.

As if that weren't enough, this news emerges alongside reports from Trend Micro, Sophos, and Kaspersky about a large-scale campaign targeting Brazilian users with a WhatsApp worm dubbed SORVEPOTEL, which is tied to a banking trojan known as Maverick. It’s a wild west out there in the digital landscape, and users need to be vigilant against these sophisticated ploys.

Profile Image George Bennett

Source of the news:   The Hacker News

BANNER

    This is a advertising space.

BANNER

This is a advertising space.