Cado Security Labs flags new malware targeting crypto wallets on Windows and macOS
A new malware strain disguised as a meeting application is targeting the cryptocurrency wallets and other sensitive information of web3 professionals.
According to cybersecurity firm Cado Security Labs, the malware, dubbed Realst, has been active for around four months. It poses as a meeting application and targets cryptocurrency wallets, browser-stored credentials, banking card details, and hardware wallet information.
The stealthy malware, which can infiltrate both Windows and macOS, is distributed via AI-generated websites designed to look like a genuine platform, complete with fabricated product reviews, blog posts, and social media accounts to enhance their credibility.
Researchers warned that scammers are “increasingly using AI to generate content for their campaigns,” which allows them to easily create “realistic website content,” making it difficult to spot the scams.
The application is known to change names and has been identified under aliases such as Clusee[.]com, Cuesee, Meeten[.]gg, Meeten[.]us, and Meetone[.]gg; its current name is Meetio.
Social engineering plays a key role in this campaign as the scammers approach the victims via social media platforms like Telegram, often impersonating trusted contacts or using fabricated business opportunities to lure victims to their websites.
As an added threat, the report warned that the websites in question also run malicious JavaScript in the background to “steal cryptocurrency that is stored in web browsers, even before installing any malware.”
Similar tactics have been used to target crypto holders on several occasions. Last month, a whale investor lost over $6 million worth of crypto after scammers social-engineered them into clicking a malicious link that mimicked the video conferencing platform Zoom.
The $50 million hack of the decentralized finance protocol Radiant Capital was also the result of a social engineering scheme in which bad actors deployed malware disguised as a PDF file.
Experts at Coinbase dubbed social engineering scams the “number one threat to crypto enthusiasts” in an exclusive interview.
Scammers have managed to drain billions worth of funds from the crypto sector over the years. In November alone, losses from crypto phishing scams amounted to over $9 million.