
New Malware SORVEPOTEL Exploits WhatsApp, Threatens Global Organizations

SORVEPOTEL's aggressive spread via WhatsApp makes it a global threat. Enterprises must enhance security measures to protect against this sophisticated malware.



A new malware threat, dubbed SORVEPOTEL, has been targeting organizations worldwide since early September 2025. It spreads aggressively by abusing messaging platforms, specifically WhatsApp, and was initially observed targeting Brazilian organizations.

SORVEPOTEL gains entry through deceptive phishing messages, typically carrying a ZIP attachment disguised as a harmless document. Once executed, it establishes a foothold on the system by launching a hidden PowerShell script via a Windows shortcut (.LNK) file. This script downloads and runs the primary payload. The malware then copies itself into the Windows Startup folder for persistence and connects to command-and-control (C2) servers. It scans for active WhatsApp Web sessions and automatically sends the same malicious ZIP to all of the victim's contacts and groups, turning the messaging platform into its replication channel. Phishing emails serve as an alternative infection vector, with similarly named ZIP attachments that appear to originate from trusted institutions.
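The infection chain above leaves two telemetry fingerprints a defender can correlate: a hidden-window PowerShell spawned by explorer.exe (how a double-clicked .LNK shows up in process-creation logs) followed shortly by a scripting host writing into the user's Startup folder. The following detection script is an added example written for this article, not code from the original report or from any vendor; the event records, hostnames, user names and file paths are constructed to resemble Sysmon-style process-create and file-create events, and the field names are assumptions about that telemetry format.

```python
"""Heuristic detector for the shortcut -> hidden PowerShell -> Startup-folder
persistence pattern described in the article.  Added example; the sample
telemetry below is constructed, not real SORVEPOTEL data."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Scripting hosts that should rarely be the process writing into Startup.
SCRIPT_HOSTS = {"powershell.exe", "pwsh.exe", "wscript.exe",
                "cscript.exe", "cmd.exe", "mshta.exe"}
STARTUP_RE = re.compile(r"\\start menu\\programs\\startup\\", re.IGNORECASE)
# Matches -w hidden, -win hidden and -WindowStyle hidden (case-insensitive).
HIDDEN_RE = re.compile(r"-(?:w|win|windowstyle)\s+hidden", re.IGNORECASE)


def _basename(path):
    """Lower-cased file name of a Windows path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def is_hidden_powershell_from_shortcut(ev):
    """Stage 1: PowerShell with a hidden window whose parent is explorer.exe."""
    if ev["type"] != "process_create":
        return False
    return (_basename(ev["image"]) in {"powershell.exe", "pwsh.exe"}
            and _basename(ev["parent_image"]) == "explorer.exe"
            and HIDDEN_RE.search(ev["command_line"]) is not None)


def is_startup_drop(ev):
    """Stage 2: a scripting host creates a file inside a Startup folder."""
    if ev["type"] != "file_create":
        return False
    return (_basename(ev["image"]) in SCRIPT_HOSTS
            and STARTUP_RE.search(ev["target"]) is not None)


def detect(events, window=timedelta(minutes=10)):
    """Group stage hits per host and rate them.

    high   - Startup drop follows a hidden launch within `window`
    medium - hidden launch seen (drop missing or outside the window)
    low    - only a scripted Startup drop (could be admin tooling)
    """
    launches, drops = defaultdict(list), defaultdict(list)
    for ev in events:
        ts = datetime.fromisoformat(ev["time"])
        if is_hidden_powershell_from_shortcut(ev):
            launches[ev["host"]].append(ts)
        elif is_startup_drop(ev):
            drops[ev["host"]].append(ts)

    findings = {}
    for host in set(launches) | set(drops):
        l_times, d_times = launches.get(host, []), drops.get(host, [])
        correlated = any(timedelta(0) <= d - l <= window
                         for l in l_times for d in d_times)
        if correlated:
            severity = "high"
        elif l_times:
            severity = "medium"
        else:
            severity = "low"
        findings[host] = {"severity": severity,
                          "hidden_launches": len(l_times),
                          "startup_drops": len(d_times)}
    return findings


# Constructed telemetry: hosts, users and paths are made up for this example.
PS_EXE = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
SAMPLE_EVENTS = [
    {"time": "2025-09-10T09:14:02", "host": "WS-017", "type": "process_create",
     "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "command_line": r'"WINWORD.EXE" /n C:\Users\alice\Documents\budget.docx'},
    {"time": "2025-09-10T09:31:45", "host": "WS-017", "type": "process_create",
     "parent_image": r"C:\Windows\explorer.exe", "image": PS_EXE,
     "command_line": r"powershell.exe -WindowStyle Hidden -NoProfile "
                     r"-File C:\Users\alice\AppData\Local\Temp\x\run.ps1"},
    {"time": "2025-09-10T09:31:58", "host": "WS-017", "type": "file_create",
     "image": PS_EXE,
     "target": r"C:\Users\alice\AppData\Roaming\Microsoft\Windows"
               r"\Start Menu\Programs\Startup\updater.lnk"},
    {"time": "2025-09-10T10:05:10", "host": "WS-022", "type": "process_create",
     "parent_image": r"C:\Windows\explorer.exe", "image": PS_EXE,
     "command_line": r"powershell.exe -w hidden -c Get-Date"},
    {"time": "2025-09-10T11:40:00", "host": "WS-031", "type": "file_create",
     "image": r"C:\Windows\explorer.exe",  # user-created shortcut, benign
     "target": r"C:\Users\bob\AppData\Roaming\Microsoft\Windows"
               r"\Start Menu\Programs\Startup\Teams.lnk"},
]

if __name__ == "__main__":
    for host, finding in sorted(detect(SAMPLE_EVENTS).items()):
        print(host, finding)
```

On the constructed input, WS-017 is rated high because the Startup drop lands 13 seconds after the hidden launch, WS-022 is medium (hidden launch with no drop), and WS-031 is not reported because explorer.exe writing a shortcut into Startup is ordinary user behaviour. The correlation window and the set of scripting hosts are the knobs to tune against your own baseline; a rule that fires only on the combined sequence is far less noisy than alerting on every hidden PowerShell window.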

Enterprises worldwide face an aggressive SORVEPOTEL campaign. What makes the malware such a significant threat is its ability to exploit the messaging platforms that organizations rely on for internal communication.

SORVEPOTEL, first observed targeting Brazilian organizations, has escalated into a global threat. It exploits messaging platforms, particularly WhatsApp, for rapid replication. To mitigate this threat, enterprises should keep their systems up to date, use active antivirus protection, raise user awareness about phishing, and implement robust network security measures. For specific information, consult reliable security reports and updates from renowned IT security companies or government bodies.
