A new strain of malware, known as Realst, has been discovered targeting cryptocurrency wallets and sensitive data of Web3 professionals. Disguised as a fake meeting application, the malware has been active for the past four months, according to cybersecurity firm Cado Security Labs.
Realst targets a wide range of sensitive information, including cryptocurrency wallets, stored browser credentials, banking card details, and hardware wallet information. It infiltrates both Windows and macOS systems, spreading through AI-generated websites that mimic legitimate platforms. These fake sites include fabricated product reviews, blog posts, and social media accounts to appear credible and lure victims into downloading the malware.
Cado Security Labs researchers warned that cybercriminals are increasingly leveraging AI to create realistic-looking content for their campaigns, making it difficult for users to detect scams. The malware has been seen under several aliases, including Clusee[.]com, Cuesee, Meeten[.]gg, Meeten[.]us, and Meetone[.]gg, with its current name being Meetio.
Social Engineering Tactics Amplify the Threat
Social engineering plays a crucial role in this scam campaign, with attackers reaching out to victims via social media platforms such as Telegram. They often impersonate trusted contacts or offer fake business opportunities to drive traffic to their malicious websites.
One alarming aspect of the scam is that the fake websites running the malware also execute malicious JavaScript in the background, which can steal cryptocurrency stored in web browsers, even before the malware is installed.
Similar social engineering tactics have been used in previous high-profile crypto scams. For example, a whale investor lost over $6 million worth of crypto in November after clicking a malicious link disguised as a Zoom video conferencing invitation. Another notable attack, the $50 million hack of decentralized finance platform Radiant Capital, involved malware disguised as a PDF file.
Growing Concern Over Social Engineering in Crypto
The rise of social engineering scams has raised alarm among cybersecurity experts. In a recent interview, Coinbase experts dubbed these scams as the “number one threat” to crypto enthusiasts, highlighting how scammers have drained billions of dollars from the crypto space over the years. In November alone, crypto phishing scams resulted in over $9 million in losses.
As scammers become more sophisticated in their methods, both individual investors and institutional players must remain vigilant, especially against AI-driven phishing campaigns that can be hard to distinguish from legitimate sources.
Conclusion
Cado Security Labs’ warning underscores the growing sophistication of cybercriminals targeting the cryptocurrency space. With AI tools making it easier for scammers to create convincing fake platforms, users need to be cautious and vigilant, ensuring they are engaging with legitimate services to protect their assets.
