30s Summary
Cado Security Labs has warned about a scam that steals users’ login details and digital currency using a fake meeting app named “Meeten.” The app contains malware that pilfers sensitive information, such as Telegram logins, card details, and crypto wallet data. Fraudsters create artificial intelligence-generated fake websites and social media accounts to seem legitimate. The sites use JavaScript to steal any crypto stored in web browsers. The scam has been ongoing for approximately four months, according to Cado. Similar scams were previously discovered by onchain sleuth ZachXBT and warned against by the FBI.
Full Article
There’s a scammer out there using trickery to rob web users of their login details and digital currency! Cado Security Labs issued a warning about a sneaky campaign that uses bogus meeting apps injected with nasty software to snatch up people’s login details to different sites, applications, and even cryptocurrency wallets.
These cunning fraudsters use artificial intelligence to whip up fake websites and social media accounts to fool people into thinking they’re dealing with genuine companies. After you’ve been reeled in, you’ll be asked to download a meeting app named “Meeten” (which also goes by “Meetio” and a bunch of other names), wrote Tara Gould, the head of threat research at Cado, in a report from December 6th.
The devious “Meeten” app houses some pretty intrusive malware that will scrounge around your device for sensitive info like Telegram logins, card details, and even info on your crypto wallets, then ship this data back to those prying attackers.
But the hunt doesn’t stop there – these little software thieves can also seek out browser cookies and nab saved passwords on browsers like Google Chrome and Microsoft Edge, as well as details on cryptocurrency wallets like Ledger, Trezor, and Binance.
The scammers can get really crafty, taking to social engineering and even pretending to be someone you know on platforms like Telegram. One user reported being contacted by a familiar face he thought he could trust about a business opportunity, only to discover he was dealing with a fraud.
Adding to the deception, to seem more legitimate, fraudsters are setting up phony company websites using AI to generate convincing content on blogs, products, and even companion social media accounts. This tech not only helps create lifelike website content for their dirty tricks but also makes it harder to spot the dodgy sites.
Even before you’re tricked into downloading the malware-loaded software, these sham websites sneak in JavaScript to plunder any crypto you’ve got stored in web browsers. Gould let slip that both macOS and Windows versions exist, and according to her, these sneaky tactics have been going on for around four months.
This isn’t the first bunch of online tricksters using these underhanded tactics. Back in August, ZachXBT, an onchain sleuth, said he discovered 21 developers (who might’ve been from North Korea) working on fake identities for various crypto projects. In September, the FBI even warned about North Korean hackers aiming malware at crypto companies disguised as job offers.