Malicious Software for Cryptocurrency Theft Discovered in Telegram Bots

Experts at Scam Sniffer have uncovered a fraudulent scheme designed to steal cryptocurrencies using fake influencers and malicious Telegram bots.

1/7 ? SECURITY ALERT: New sophisticated scam targeting crypto users through fake Telegram groups.

Attackers are impersonating multiple crypto influencers and using malicious bots for verification. Here’s how it works… ? https://t.co/KaetjSHW1I pic.twitter.com/YwFM5RBl3V

— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) December 10, 2024

According to the experts, the perpetrators create fake accounts on X, posing as popular cryptocurrency influencers, and then invite users to Telegram groups supposedly dedicated to investments.

New members are asked to verify themselves through a fake bot, OfficiaISafeguardBot, which installs malware on the victim’s device to hack crypto wallets and steal assets.

Previously, Scam Sniffer reported “numerous instances” of successful attacks using similar malware.

? WARNING: Beware of fake Zoom malware!
A $GIGA holder lost millions!

Compare carefully:
us04-zoom[.]us ❌
us02web.zoom[.]us ✅

They look similar, right? That’s the trap! ? pic.twitter.com/RWMur5MM7V

— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) November 12, 2024

Earlier in December, researchers at Cado Security Labs reported on the Meeten malware, which disguises itself as a conferencing application to steal cryptocurrencies. These attacks target workers in the Web3 sector.