Scammers are combining social engineering techniques with fake verification bots on Telegram to inject malware that steals cryptocurrency into systems, thereby robbing cryptocurrency wallets, Scam Sniffer has warned.
In a post on December 10 on platform X, Scam Sniffer stated that scammers are creating fake X accounts impersonating famous influencers in the cryptocurrency field, then inviting users into Telegram groups with promises of investment information.
After users join the Telegram group, they are asked to verify through 'OfficiaISafeguardBot,' a fake verification bot that creates a false sense of urgency by setting a short verification time, the company said.
Scammers impersonate famous cryptocurrency influencers on X and then invite users into malicious Telegram groups. Source: Scam Sniffer
The bot then injects malicious PowerShell code to download and run malware to infiltrate computer systems and cryptocurrency wallets. Scam Sniffer reported that they have recorded 'numerous cases' where similar malware has led to the theft of personal security keys.
Scam Sniffer informed TinTucBitcoin that the recent notable cases of this type of scam have all been caused by fake verification bots.
“It is currently unclear whether other malicious bots exist. However, it is evident that impersonating someone else's account is quite simple for them,” the company stated.
Theo Scam Sniffer, malware targeting ordinary users has been around for a long time, but the infrastructure behind this type of malicious software is developing rapidly and becoming very complex.
They explain that when scammers successfully execute schemes and demand increases, they evolve into fraud services, similar to how cryptocurrency wallet-draining software allows phishing scammers to use their tools.
Scam Sniffer added that although they have seen malware distributed through Telegram and instances of scammers impersonating others to run malicious code, 'this is the first time we have witnessed this specific combination of fake X accounts, fake Telegram channels, and malicious Telegram bots.'
See more: Bitcoin sets a new record: Up 40%, price exceeds $99K!
All recent notable and known cases of this type of scam have been caused by fake protection bots. Source: Scam Sniffer
Meanwhile, the security company reported an increase in scammers impersonating others on X and advertising fake links and tokens.
On average, Scam Sniffer's monitoring system has detected an average of 300 impersonators on X each day in the past month, compared to an average of 160 in November.
At least two victims have lost over $3 million after clicking on malicious links and signing transactions from some of these fake accounts, the company added.
Cado Security Labs has also warned that employees in the Web3 sector are being targeted by a campaign using fake meeting apps to inject malware and steal login information for websites, apps, and cryptocurrency wallets.
The Web3 security platform Cyvers similarly warns that phishing attacks may increase in December as hackers try to exploit the uptick in online transactions before the holiday season.
Follow me @TinTucBitcoin #tintucbitcoin #Write2Win #btc #binance #bitcoin
