{"id":26864,"date":"2024-12-09T09:50:34","date_gmt":"2024-12-09T09:50:34","guid":{"rendered":"https:\/\/mycryptomania.com\/?p=26864"},"modified":"2024-12-09T09:50:34","modified_gmt":"2024-12-09T09:50:34","slug":"web3-workers-targeted-by-malware-campaign-using-fake-meeting-apps-cado-security-labs","status":"publish","type":"post","link":"https:\/\/mycryptomania.com\/?p=26864","title":{"rendered":"Web3 Workers Targeted by Malware Campaign Using Fake Meeting Apps: Cado Security Labs"},"content":{"rendered":"

According to cybersecurity firm Cado Security Labs, Web3 professionals are the latest victims of a sophisticated malware campaign that employs fake meeting apps to steal sensitive credentials and crypto assets.<\/span><\/p>\n

In a <\/span>report released on December 6<\/span><\/a>, Cado\u2019s threat research lead, Tara Gould, detailed how scammers <\/span>are leveraging<\/span> artificial intelligence (AI) to craft convincing websites and social media profiles that mimic legitimate companies.<\/span><\/p>\n

The malicious app, initially called \u201cMeeten,\u201d has undergone several rebrands, now operating as \u201cMeetio\u201d and previously using domains such as Clusee.com, Cuesee, Meeten<\/span>.gg<\/span>, and Meetone<\/span>.gg<\/span>. <\/span><\/p>\n

EXPLORE:\u00a0<\/span>Crypto Tax Guide 2024<\/span><\/a><\/strong><\/p>\n

Malicious App Deploys Information Stealer Once Downloaded<\/span><\/h2>\n

Once downloaded, the app deploys a Realst information stealer <\/span>to extract sensitive data, including Telegram logins, banking information, and cryptocurrency wallet credentials. <\/span><\/p>\n

The malware also targets browser cookies, autofill data from applications like Google Chrome and Microsoft Edge, and<\/span>\u00a0information from crypto wallets such as Ledger, Trezor, and Binance Wallet.<\/span><\/p>\n

The attackers employ a combination of social engineering and spoofing tactics. Gould highlighted a case where a victim was approached on Telegram by someone impersonating a known contact. <\/span><\/p>\n

The scammer shared an investment presentation from the victim\u2019s company<\/span>..<\/span> Other reports include incidents where individuals participated in Web3-related calls, downloaded <\/span>the fraudulent<\/span> software, and subsequently lost cryptocurrency holdings.<\/span><\/p>\n

To bolster their credibility, the scammers utilize AI to generate blogs, product descriptions, and social media content for their fake company websites. <\/span><\/p>\n

Cado Security Labs has discovered a new malware campaign targeting Web3 workers with a sophisticated scam using AI-generated content to appear legitimate. <\/p>\n

Read more in our latest blog post: https:\/\/t.co\/Pj8Y82kaKY<\/a><\/p>\n

\u2014 Cado (@CadoSecurity) December 6, 2024<\/a><\/p>\n\n

These websites, often hosted on platforms like X (formerly Twitter) and Medium, add an air of legitimacy to the campaign, making it harder for users to detect malicious intent. <\/span><\/p>\n

\u201cWhile much of the recent focus has been on the potential of AI to create malware, threat actors are increasingly using AI to generate content for their campaigns,\u201d Gould said.<\/span><\/p>\n

\u201cUsing AI enables threat actors to quickly create realistic website content that adds legitimacy to their scams and makes it more difficult to detect suspicious websites.\u201d\u00a0<\/span><\/p>\n

EXPLORE:\u00a0<\/span>17 Best Crypto to Buy Now in 2024<\/span><\/a><\/strong><\/p>\n

Fake Websites Include Code Capable of Stealing Crypto<\/span><\/h2>\n

In some cases, the fake websites include JavaScript code that is <\/span>capable<\/span> of stealing crypto directly from web browsers before any malware <\/span>is installed<\/span>. <\/span><\/p>\n

Both macOS and Windows versions of the malware have <\/span>been identified<\/span>, and the campaign has reportedly been active for around four months.<\/span><\/p>\n

Similar schemes have surfaced recently. In August, on-chain investigator ZackXBT identified 21 developers, likely linked to North Korea, using fake identities to infiltrate crypto projects. <\/span><\/p>\n

Additionally, in September, the FBI warned of North Korean hackers targeting crypto firms and decentralized finance (DeFi) projects with malware disguised as job offers.<\/span><\/p>\n

Last week, Japanese cryptocurrency exchange DMM Bitcoin announced its closure following a massive security breach in May that resulted in over $300 million losses.<\/span><\/p>\n

The exchange confirmed that its assets will be acquired by SBI VC Trade, the crypto arm of Japan\u2019s SBI Group, as part of a planned transition.<\/span><\/p>\n

EXPLORE:\u00a0<\/span>$300 Million Exploit: Japan\u2019s DMM Bitcoin Exchange Suffers Largest Hack Of 2024<\/span><\/a><\/strong><\/p>\n

Join The 99Bitcoins News Discord Here For The Latest Market Updates<\/a><\/p>\n

The post Web3 Workers Targeted by Malware Campaign Using Fake Meeting Apps: Cado Security Labs<\/a> appeared first on 99Bitcoins<\/a>.<\/p>","protected":false},"excerpt":{"rendered":"

According to cybersecurity firm Cado Security Labs, Web3 professionals are the latest victims of a sophisticated malware campaign that employs fake meeting apps to steal sensitive credentials and crypto assets. In a report released on December 6, Cado\u2019s threat research lead, Tara Gould, detailed how scammers are leveraging artificial intelligence (AI) to craft convincing websites […]<\/p>\n","protected":false},"author":0,"featured_media":26865,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-26864","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-discovery"],"_links":{"self":[{"href":"https:\/\/mycryptomania.com\/index.php?rest_route=\/wp\/v2\/posts\/26864"}],"collection":[{"href":"https:\/\/mycryptomania.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mycryptomania.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/mycryptomania.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=26864"}],"version-history":[{"count":0,"href":"https:\/\/mycryptomania.com\/index.php?rest_route=\/wp\/v2\/posts\/26864\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mycryptomania.com\/index.php?rest_route=\/wp\/v2\/media\/26865"}],"wp:attachment":[{"href":"https:\/\/mycryptomania.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=26864"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mycryptomania.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=26864"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mycryptomania.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=26864"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}