Altcoins

Web3 Workers Targeted by Malware Campaign Using Fake Meeting Apps: Cado Security Labs

Web3 professionals are the latest victims of a malware campaign that employs fake meeting apps to steal credentials and crypto assets.

By Ruholamin Haqshanas

Last Updated: Dec 9, 2024

Fact checked

By Sam Cooling

Web3 Workers Targeted by Malware Campaign Using Fake Meeting Apps: Cado Security Labs

According to cybersecurity firm Cado Security Labs, Web3 professionals are the latest victims of a sophisticated malware campaign that employs fake meeting apps to steal sensitive credentials and crypto assets.

In a report released on December 6, Cado’s threat research lead, Tara Gould, detailed how scammers are leveraging artificial intelligence (AI) to craft convincing websites and social media profiles that mimic legitimate companies.

The malicious app, initially called “Meeten,” has undergone several rebrands, now operating as “Meetio” and previously using domains such as Clusee.com, Cuesee, Meeten.gg, and Meetone.gg.

EXPLORE: Crypto Tax Guide 2024

Malicious App Deploys Information Stealer Once Downloaded

Once downloaded, the app deploys a Realst information stealer to extract sensitive data, including Telegram logins, banking information, and cryptocurrency wallet credentials.

The malware also targets browser cookies, autofill data from applications like Google Chrome and Microsoft Edge, and information from crypto wallets such as Ledger, Trezor, and Binance Wallet.

The attackers employ a combination of social engineering and spoofing tactics. Gould highlighted a case where a victim was approached on Telegram by someone impersonating a known contact.

The scammer shared an investment presentation from the victim’s company.. Other reports include incidents where individuals participated in Web3-related calls, downloaded the fraudulent software, and subsequently lost cryptocurrency holdings.

To bolster their credibility, the scammers utilize AI to generate blogs, product descriptions, and social media content for their fake company websites.

These websites, often hosted on platforms like X (formerly Twitter) and Medium, add an air of legitimacy to the campaign, making it harder for users to detect malicious intent.

“While much of the recent focus has been on the potential of AI to create malware, threat actors are increasingly using AI to generate content for their campaigns,” Gould said.

“Using AI enables threat actors to quickly create realistic website content that adds legitimacy to their scams and makes it more difficult to detect suspicious websites.” 

EXPLORE: 17 Best Crypto to Buy Now in 2024

Fake Websites Include Code Capable of Stealing Crypto

In some cases, the fake websites include JavaScript code that is capable of stealing crypto directly from web browsers before any malware is installed.

Both macOS and Windows versions of the malware have been identified, and the campaign has reportedly been active for around four months.

Similar schemes have surfaced recently. In August, on-chain investigator ZackXBT identified 21 developers, likely linked to North Korea, using fake identities to infiltrate crypto projects.

Additionally, in September, the FBI warned of North Korean hackers targeting crypto firms and decentralized finance (DeFi) projects with malware disguised as job offers.

Last week, Japanese cryptocurrency exchange DMM Bitcoin announced its closure following a massive security breach in May that resulted in over $300 million losses.

The exchange confirmed that its assets will be acquired by SBI VC Trade, the crypto arm of Japan’s SBI Group, as part of a planned transition.

EXPLORE: $300 Million Exploit: Japan’s DMM Bitcoin Exchange Suffers Largest Hack Of 2024

Join The 99Bitcoins News Discord Here For The Latest Market Updates

Disclaimer Icon
Disclaimer
Crypto is a high-risk asset class. This article is provided for informational purposes and does not constitute investment advice. You could lose all of your capital.
99Bitcoins may receive advertising commissions for visits to a suggested operator through our affiliate links, at no added cost to you. All our recommendations follow a thorough review process.

Free Bitcoin Crash Course

  • Enjoyed by over 100,000 students.
  • One email a day, 7 days in a row.
  • Short and educational, guaranteed!

Why you can trust 99Bitcoins

10+ Years

Established in 2013, 99Bitcoin’s team members have been crypto experts since Bitcoin’s Early days.

90hr+

Weekly Research

100k+

Monthly readers

50+

Expert contributors

2000+

Crypto Projects Reviewed

Google News Icon
Follow 99Bitcoins on your Google News Feed
Get the latest updates, trends, and insights delivered straight to your fingertips. Subscribe now!
Subscribe now
Ruholamin Haqshanas
Ruholamin Haqshanas
Crypto Journalist

Ruholamin Haqshanas is an accomplished crypto and finance journalist with over three years of experience. He has been featured in various high-profile outlets, including Cryptonews.com, Investing.com, 24/7 Wall St, and Business2Community. Read More

Back to top