131 Spamware Extensions Targeting WhatsApp Flood Chrome Web Store

A cluster of 131 Chrome extensions, rebranded versions of a single tool, has been identified as a high-risk spam automation system that abuses platform rules by injecting code into WhatsApp Web to automate bulk messaging, aiming to bypass WhatsApp's anti-spam measures. Despite claims of privacy compliance due to their presence on the Chrome Web Store, these extensions violate both Chrome and WhatsApp policies, with takedown requests filed against them. The operation spans nine months, using a franchise-like model where affiliates sell rebranded clones, misleadingly marketed as privacy-safe due to their Chrome Web Store listing, while the actual code and infrastructure remain unchanged. The extensions, published under two developer accounts, are marketed towards Brazilian small businesses with promises of high returns, despite the inherent policy and reputational risks associated with spam and policy violations. The operation, run by DBX Tecnologia and Grupo OPT, illustrates a larger trend of policy abuse that persists despite regulatory efforts, highlighting the need for effective monitoring and intervention.