Web3 employees are encountering a new wave of attacks that utilize fraudulent meeting apps to steal personal and financial information, including cryptocurrency wallet credentials. According to Cado Security Labs, scammers use artificial intelligence (AI) to develop convincing phony company websites and social media profiles, deceiving victims into downloading malware-laden video conferencing software.
An app named “Meeten” (also known as “Meetio” or “Cuesee”), which constantly changes names to avoid detection, is the center of the scam. Once downloaded, this program installs the Realst Info Stealer virus. The malicious program checks for sensitive information such as Telegram login credentials, bank card information, and cryptocurrency wallet data before sending it back to the attackers.
To bolster their legitimacy, scammers create AI-generated websites and social media accounts that appear authentic, further misleading their victims. Scammers create these websites to mimic legitimate businesses, thereby complicating the detection of their scam.
Cado Security Labs has discovered a new malware campaign targeting Web3 workers with a sophisticated scam using AI-generated content to appear legitimate.
— Cado (@CadoSecurity) December 6, 2024
Read more in our latest blog post: https://t.co/Pj8Y82kaKY
In one reported case, the fraudster impersonated someone the victim knew on Telegram and persuaded them to participate in a business-related video conversation. Once the user downloaded the infected program, the fraudster stole their cryptocurrency.
These kinds of assaults, which combine AI-generated material with social engineering approaches, demonstrate cybercriminals’ rising skill in the Web3 area. Web3 workers should use caution and avoid downloading software from unexpected sites, even if the request appears legitimate.
