• Cybercriminals use fake meeting apps to target Web3 professionals.
• The Realst malware steals crypto and sensitive data from compromised machines.

As a seasoned researcher with over two decades of experience under my belt, I must say that the recent surge in cyberattacks targeting Web3 professionals is nothing short of alarming. The use of fake video conferencing applications to spread malware like Realst is a new low, even for cybercriminals.

Security experts are raising the alarm about a new scam that specifically targets professionals in the Web3 sector. The scam uses bogus video conferencing applications to distribute a highly potent data-stealing program called Realst. Like other deceptive apps that pose as secure business meeting platforms, these applications are built to steal sensitive information, such as the details of cryptocurrency wallets.

According to security experts at Cado Security Labs, the scam relies on deceptive tactics, including impersonation on messaging platforms like Telegram, to trick users into downloading the malicious app.

The Meeten scam uses fake companies built with the help of AI to give the operation a layer of legitimacy. The attackers approach victims via Telegram, present a false investment proposal, and invite them to a video call. The sites then redirect users to platforms hosting suspicious applications such as Clusee, Cuesee, Meeten, Meetone, and Meetio. Once downloaded, these applications begin stealing information such as cryptocurrency wallet addresses, banking data, and Telegram login credentials.

How Meeten Works and Impacts Users

After being installed on either macOS or Windows, the malware begins secretly gathering data from the affected computer. On macOS, it shows a message claiming that the application isn't compatible with the user's operating system and requests an admin password so it can run properly. Both the Atomic macOS Stealer and Cuckoo Stealer families employ this tactic, which uses osascript on macOS.
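A detection sketch for the osascript password prompt described above, as an added example that is not from the original article or from Cado Security Labs. The log format, field names, paths and sample events are constructed, and matching on the AppleScript phrases `display dialog` and `with hidden answer` is an assumption about how such a prompt is written.

```python
import json
import re
from pathlib import PurePosixPath

# Constructed process-execution events, one JSON object per line. The field
# names "pid", "parent", "exe" and "args" are assumptions, not a real EDR schema.
SAMPLE_EVENTS = r'''
{"pid": 411, "parent": "/Users/alice/Downloads/ExampleMeeting.app/Contents/MacOS/ExampleMeeting", "exe": "/usr/bin/osascript", "args": ["-e", "display dialog \"This app is not compatible with your macOS version. Enter your password to continue.\" default answer \"\" with hidden answer"]}
{"pid": 412, "parent": "/bin/zsh", "exe": "/usr/bin/osascript", "args": ["-e", "display dialog \"Continue with export?\""]}
{"pid": 413, "parent": "/private/tmp/updater", "exe": "/usr/bin/osascript", "args": ["-e", "Display  Dialog \"System Preferences needs your login\" default answer \"\" With Hidden Answer"]}
{"pid": 414, "parent": "/sbin/launchd", "exe": "/usr/bin/curl", "args": ["-s", "https://example.com"]}
'''

DIALOG = re.compile(r"display\s+dialog", re.I)
HIDDEN = re.compile(r"with\s+hidden\s+answer", re.I)
PASSWORD = re.compile(r"password", re.I)
SYSTEM_PREFIXES = ("/System/", "/usr/", "/bin/", "/sbin/")

def classify(event):
    """Return the reasons an exec event looks like a scripted credential prompt."""
    if PurePosixPath(event.get("exe", "")).name.lower() != "osascript":
        return []
    script = " ".join(event.get("args", []))
    if not DIALOG.search(script):
        return []
    reasons = []
    if HIDDEN.search(script):
        reasons.append("dialog with masked text input")
    if PASSWORD.search(script):
        reasons.append("dialog text asks for a password")
    if reasons and not event.get("parent", "").startswith(SYSTEM_PREFIXES):
        reasons.append("spawned by a binary outside system paths")
    return reasons

def scan(lines):
    """Map pid -> reasons for every suspicious event in a JSON-lines log."""
    alerts = {}
    for line in lines.splitlines():
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip blank or malformed lines rather than abort the scan
        reasons = classify(event) if isinstance(event, dict) else []
        if reasons:
            alerts[event.get("pid")] = reasons
    return alerts

if __name__ == "__main__":
    for pid, reasons in scan(SAMPLE_EVENTS).items():
        print(pid, "; ".join(reasons))
```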

The malware uses an installer signed with what appears to be a legitimate signature stolen from Brys Software Ltd., allowing it to run a Rust-based binary obtained online. Security experts caution that cybercriminals are increasingly using AI tools to create convincing fraudulent websites, which makes malicious sites harder to identify and detect.

The campaign resembles earlier schemes. In March, meethub[.]gg was exposed for tricking cryptocurrency users with fake meeting applications. In June, an operation called markopolo was exposed for targeting crypto users with fraudulent virtual meeting software in order to steal digital assets.

The rising trend of using fraudulent video applications that carry malicious software underscores a growing danger to the Web3 infrastructure. It’s crucial for users to exercise extreme caution when downloading apps, particularly if they’re participating in online meetings with unfamiliar companies or considering investment offers.

2024-12-10 09:03