{"id":350617,"date":"2025-10-21T07:10:00","date_gmt":"2025-10-21T14:10:00","guid":{"rendered":"https:\/\/cms-articles.softonic.io\/es\/?p=399671"},"modified":"2025-10-21T07:25:47","modified_gmt":"2025-10-21T14:25:47","slug":"be-careful-if-you-use-whatsapp-web-because-you-could-be-a-victim-of-spam","status":"publish","type":"post","link":"https:\/\/cms-articles.softonic.io\/en\/be-careful-if-you-use-whatsapp-web-because-you-could-be-a-victim-of-spam\/","title":{"rendered":"Be careful if you use WhatsApp Web, because you could be a victim of spam"},"content":{"rendered":"\n

Cybersecurity researchers have discovered a coordinated campaign that uses 131 cloned WhatsApp Web automation extensions to spam users in Brazil. According to supply chain security company Socket, all of these extensions share the same code, design patterns, and infrastructure, and have approximately 20,905 active users<\/strong>.<\/p>\n\n\n

Some extensions that are not malicious, but can do harm<\/h2>\n\n\n

Extensions, which are not malware in the classical sense, are considered high risk due to their ability to abuse platform rules by injecting code directly into the WhatsApp Web page. This allows for the automation of mass message sending without user confirmation, with the aim of evading rate limits and WhatsApp’s anti-spam controls.<\/strong> The activity has been ongoing for at least nine months, with recent updates observed on October 17, 2025.<\/p>\n\n\n

Investigations reveal that most of the extensions have been published by \u201cWL Extens\u00e3o,\u201d suggesting that the differences in names and logos are linked to a franchise model. This model allows affiliates to flood the Chrome Web Store with various copies of the original extension offered by DBX Tecnologia<\/strong>. These extensions have the marketing of customer relationship management (CRM) tools, promoting sales optimization through WhatsApp Web.<\/p>\n\n\n

\n