Cybersecurity researchers have uncovered a large-scale campaign involving 131 rebranded clones of a Google Chrome extension designed to automate WhatsApp Web, collectively used to spam thousands of Brazilian users.
Researchers at supply chain security firm Socket, who detailed the operation, describe the extensions as spamware tools that share identical codebases, design patterns, and backend infrastructure. In total, the add-ons are installed on over 20,900 devices.
“Based on Chrome Web Store timestamps and our captures of the 131 unique listings, the operation has run for at least nine months,” the report notes. “Rebrands and updates landed in regular waves throughout 2025, with new uploads and version bumps observed as recently as October 14, 2025.”
The goal of the campaign is to facilitate mass outbound messaging by bypassing WhatsApp’s rate limits and spam detection mechanisms.
Some of the most downloaded extensions include: YouSeller (10,000 users); performancemais (239 users); Botflow (38 users); ZapVende (32 users)
While the extensions appear under various names and logos, most have been published by a developer entity called “WL Extensão” or “WLExtensao.” The researchers believe this points to a franchise-style model managed by a Brazilian company named DBX Tecnologia.
“DBX Tecnologia (DBX Technology Group), the operator of the original extension that spawned 131 clones, markets a reseller program. DBX Tecnologia and Grupo OPT, which operates the grupoopt.com[.]br domain, are effectively two arms of the same business under the same founder, not unrelated companies. Both describe their work as an ecosystem that builds WhatsApp-based solutions, among other products,” according to the report.
However, this business model and the proliferation of near-identical extensions violate Google’s Chrome Web Store policies, which prohibit submitting multiple extensions with duplicate functionality. Furthermore, DBX has published YouTube tutorials instructing users on how to bypass WhatsApp's spam protections using the tools.