Cybersecurity experts have found similarities between two malware strains, Coyote and Maverick, both targeting Brazilian banking users. Both malware types are written in .NET and use WhatsApp Web to spread. Maverick, recently discovered by Trend Micro, works by delivering a ZIP file through WhatsApp, which contains malware that monitors banking activity and steals login details. The malware uses advanced techniques to avoid detection, including bypassing browser authentication and stealing cookies. The campaign, linked to a group called Water Saci, also hijacks WhatsApp accounts to spread further. While the malware targets mainly Brazilian users, it has been found in hotels, suggesting broader targets. Researchers suggest that Water Saci may have evolved from the Coyote malware, with a focus on exploiting popular communication platforms for more stealthy and widespread attacks.