Cybercriminals use a sophisticated combination of social engineering and fake Telegram verification bots to plunder crypto wallets. This new tactic, which involves injecting malware into computer systems, was discovered by blockchain security company Scam Sniffer. The company published a report about this on December 10.
Scammers pose as well-known crypto influencers
According to Scam Sniffer, scammers create fake accounts on X (formerly Twitter), posing as well-known crypto influencers. Users are invited through these accounts to join Telegram groups, which advertise exclusive investment insights. Within these groups, participants are asked to verify themselves via a so-called “OfficiaISafeguardBot”. This fake bot creates a sense of urgency by imposing short verification time limits and installs malicious PowerShell code. This code downloads and activates malware, compromising systems and stealing private keys from crypto wallets.
The security company reports several cases in which this malware was successfully used to empty crypto wallets. “While we have not identified any other similar bots at this time, it is clear that scammers can easily masquerade as legitimate services,” Scam Sniffer said.
Rapid evolution of cybercrime
Scam Sniffer emphasizes that this form of scam is a sign of the rapid development of cybercrime. Scammers are shifting to a so-called “scam-as-a-service” model, where sophisticated tools are developed and rented to other bad actors. This infrastructure makes it possible to deceive users and steal cryptocurrencies on a large scale.
Increase in phishing activities
The security firm has also seen an increase in the number of fake accounts on X. At least two victims have collectively lost more than $3 million by clicking malicious links and signing transactions through these fake accounts.
In addition, Cado Security Labs warns of similar attacks. They report a targeted campaign in which fake meeting apps are used to steal login details and crypto wallets. Web3 security platform Cyvers predicts an increase in phishing attacks in December as cybercriminals look to capitalize on the holiday surge in online transactions.
Warning to users
Users are advised to exercise extra caution, avoid suspicious links and check verification requests carefully. Taking these measures can prevent them from becoming victims of these increasingly sophisticated forms of cybercrime.
Source: https://newsbit.nl/nieuwe-oplichtingstechniek-combineert-neppe-telegram-bots-met-crypto-malware/