Crypto-stealing scam targets Web3 workers with fake meeting apps

As a seasoned crypto investor with a fair share of battles fought and lessons learned, I can’t help but feel a sense of unease reading about this latest wave of cyberattacks. It seems like every time we make progress, the predators find new ways to lurk in the shadows.

Cybercriminals are using fake meeting applications to deliver malware and steal login details for websites, mobile apps, and digital wallets containing cryptocurrency, according to a warning issued by Cado Security Labs.

Fraudsters are creating and managing fake company websites and social media profiles with the help of artificial intelligence, making them look genuine. Later, they approach possible victims, encouraging them to install a meeting application, as stated by Cado’s Threat Research Lead, Tara Gould in her December 6th report.

The app, originally known as ‘Meeten’, is now temporarily called ‘Meetio’. It’s important to note that this app has a history of changing its names, which includes past identities like Clusee.com, Cuesee, Meeten.gg, Meeten.us, and Meetone.gg.
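One way a defender could sweep DNS or proxy logs for the names listed above, as an added example that is not code from Cado's report. The log format and sample lines are constructed, and matching the brand names as a label under any TLD is an assumption based on the renaming described above.

```python
"""Sweep resolver/proxy logs for hostnames tied to the fake meeting app names."""
import re

# Domains exactly as named in the article (lowercased).
DOMAINS = {"clusee.com", "meeten.gg", "meeten.us", "meetone.gg"}
# Brand names from the article, matched as a whole DNS label under any TLD
# (assumption: a rename keeps the brand as a label, e.g. <brand>.<tld>).
BRANDS = {"meeten", "meetio", "meetone", "clusee", "cuesee"}

# Dotted tokens; IP addresses also match here but are never flagged below.
HOST_RE = re.compile(r"[a-z0-9-]+(?:\.[a-z0-9-]+)+", re.I)


def classify(host):
    """Return 'domain', 'brand' or None for a single hostname."""
    labels = host.lower().rstrip(".").split(".")
    # Suffix match on label boundaries: sub.meeten.gg hits, notmeeten.gg does not.
    for i in range(len(labels) - 1):
        if ".".join(labels[i:]) in DOMAINS:
            return "domain"
    # Brand used as any label except the TLD itself.
    if any(label in BRANDS for label in labels[:-1]):
        return "brand"
    return None


def scan(lines):
    """Yield (line_number, hostname, match_kind) for every flagged hostname."""
    for n, line in enumerate(lines, 1):
        for host in HOST_RE.findall(line):
            kind = classify(host)
            if kind:
                yield n, host.lower(), kind


SAMPLE = [  # constructed log lines, not real telemetry
    "2024-12-02T10:14:07Z client=192.0.2.10 query=download.Meeten.gg. type=A",
    "2024-12-02T10:14:09Z client=192.0.2.10 query=notmeeten.gg. type=A",
    "2024-12-02T10:15:30Z client=192.0.2.22 GET https://cuesee.example/setup",
    "2024-12-02T10:16:02Z client=192.0.2.31 query=meet.google.com. type=A",
]

if __name__ == "__main__":
    for n, host, kind in scan(SAMPLE):
        print(f"line {n}: {host} ({kind} match)")
```

A "brand" hit is weaker evidence than a "domain" hit and is best treated as a lead for review rather than a block decision.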

As an analyst, I’ve discovered that this application I’m analyzing is equipped with a Realst info-stealing tool. Upon installation, it actively seeks out confidential data like your Telegram login credentials, bank card details, and specifics about your crypto wallets. This information is then transmitted back to the attackers.

Additionally, the stealer may search for browser cookies, saved login details from browsers such as Google Chrome and Microsoft Edge, and data related to digital wallets such as Ledger, Trezor, and Binance.

In my exploration of this topic, I’ve found that the approach could potentially incorporate social engineering and identity fraud. I had a personal experience where a contact on Telegram reached out to me under the guise of discussing a business venture. Upon further investigation, it was revealed that the individual was actually an impersonator.

Intriguingly, the con artist forwarded what appeared to be a business proposal from the victim’s own company, suggesting a highly strategic and personalized fraud, according to Gould.

According to Gould, people have reported losing their cryptocurrency after taking part in calls about Web3-related work and downloading the software required for them.

To help gain credibility, the scammers set up a company website with AI-generated blogs, product content and accompanying social media accounts, including X and Medium.

As a crypto investor, I’ve noticed that lately, the spotlight has been on AI’s ability to produce harmful software. However, what might be slipping under the radar is the growing trend of cybercriminals leveraging AI to craft content for their malicious campaigns, as Gould pointed out.

AI technology allows cybercriminals to swiftly generate authentic-looking web content for their fraudulent activities, making it challenging to spot deceptive sites.

The con artists have developed versions for both macOS and Windows. According to Gould, this deceptive strategy has been in operation for approximately four months.

Other fraudsters have also been actively employing similar methods. In August, on-chain investigator ZachXBT reported discovering 21 developers, allegedly North Korean, working on various cryptocurrency projects under false identities.

In September, the FBI put out a cautionary notice regarding North Korean cybercriminals who have been spotted attempting to infiltrate cryptocurrency businesses and decentralized financial platforms using software that masquerades as job offers.


2024-12-09 09:11