How the Scam Works
Scammers create fake company websites and social media accounts using artificial intelligence. These accounts appear legitimate and are used to contact targets, often pretending to be colleagues or potential business partners.
The attackers then ask victims to download a meeting app. The malicious software contains a Realst info stealer, designed to harvest:
- Crypto wallet details (e.g., Ledger, Trezor, Binance Wallets).
- Banking card information.
- Telegram logins.
Tactics Used by Scammers
- AI-Generated Websites:
- Fake blogs and product content make websites look legitimate.
- Linked social media accounts on platforms like X (formerly Twitter) and Medium add credibility.
- Spoofing and Social Engineering:
- Impersonation of trusted contacts to discuss fake opportunities.
- Sharing genuine-looking presentations from the victim’s company.
- Targeted Malware:
- Javascript embedded in fake websites can steal crypto stored in browsers before the app is even installed.
- Both macOS and Windows versions of the malware are available.
Notable Incidents
Scammers posing as colleagues contacted some Web3 workers on Telegram. In one case, an impersonator sent the victim a company presentation, demonstrating how tailored and sophisticated these attacks can be.
Others have experienced crypto theft after using the fake apps during business calls related to Web3.
Broader Context
This scheme isn’t isolated. In recent months:
- August: Security researcher ZackXBT uncovered 21 developers, believed to be North Korean operatives, working on fake crypto projects.
- September: The FBI warned that North Korean hackers were targeting crypto firms and decentralized finance projects with malware disguised as job offers.
How to Stay Safe
Here are some tips to protect yourself:
Action |
Why It’s Important |
Verify company websites |
Look for inconsistencies in content and domain names. |
Be cautious with meeting apps |
Avoid downloading unknown software, especially for meetings. |
Check with contacts directly |
Confirm the identity of people reaching out, especially via Telegram. |
Use strong cybersecurity tools |
Antivirus and malware detection can block harmful downloads. |
Monitor crypto wallets |
Regularly check wallet activity for unauthorized transactions. |
Scams involving AI are rapidly becoming more sophisticated. Threat actors are leveraging this technology to craft convincing schemes, making vigilance essential for Web3 professionals. Always verify software and contacts before sharing sensitive information or downloading applications.
+ There are no comments
Add yours