financetom
Cryptocurrency
financetom
/
Cryptocurrency
/
New Crypto Scam Uses Fake Influencer Accounts to Lure Victims Into Telegram Malware Trap
News World Market Environment Technology Personal Finance Politics Retail Business Economy Cryptocurrency Forex Stocks Market Commodities
New Crypto Scam Uses Fake Influencer Accounts to Lure Victims Into Telegram Malware Trap
Dec 11, 2024 3:13 PM

A new wave of crypto scams has emerged, with attackers using fake X accounts to impersonate popular influencers and lure unsuspecting users into fraudulent Telegram groups.

Users are then manipulated into installing malware that compromises crypto wallet data.

Scammers Moving Beyond Simple Phishing Scams

According to blockchain security firm Scam Sniffer, the scammers comment on legitimate posts, enticing users with offers of exclusive investment insights and alpha tips. Once individuals join these Telegram groups, they are immediately prompted to undergo a verification process via a bot called OfficiaISafeguardBot.

The bot creates a false sense of urgency and pushes users to quickly complete the verification. However, this seemingly harmless step is a trap by completing the verification, the bot injects malicious PowerShell code into the users clipboard. When executed, the code downloads malware designed to compromise the system and steal sensitive data, including crypto wallet information.

Scam Sniffer said that the malware has been flagged by VirusTotal as harmful, and previous instances of similar attacks have resulted in private key theft, leading to significant financial losses.

This represents a new evolution in crypto scams moving beyond simple phishing to combine social engineering with malware. Stay vigilant and share this to protect others.

Rampant Scams

Last month, Casa CEO Nick Neuman shared a harrowing tale of a phishing scam that targeted him. In a post on X, Neuman described a call he received from a scammer pretending to be a Coinbase support agent. The scammer claimed that Neuman’s password change request had been canceled and encouraged him to click on a link in a suspicious email.

When Neuman started questioning the scammer, they dropped the act and revealed the operations true nature. The scammer bragged about having recently stolen $35,000 from a victim and made it clear that the scam targets only rich crypto investors.

More recently, a crypto user under the pseudonym LeftsideEmiri, reported losing $300,000 due to a social engineering attack. According to the user, the attack began when they received a message containing a link to a KakaoTalk conversation, which was supposedly for a partnership meeting. Although the link seemed broken, the user clicked on it, believing it to be harmless.

In hindsight, they suspect that clicking the link triggered the installation of malware, which compromised their Ethereum and Solana wallets, along with several other wallets. The user made it clear that they had not approved or signed any transactions, indicating that the attack was covert and took advantage of social engineering techniques to steal funds.

Comments
Welcome to financetom comments! Please keep conversations courteous and on-topic. To fosterproductive and respectful conversations, you may see comments from our Community Managers.
Sign up to post
Sort by
Show More Comments
Related Articles >
Copyright 2023-2024 - www.financetom.com All Rights Reserved