Cybersecurity specialists at Darktrace have exposed a highly sophisticated cryptocurrency theft scheme where attackers are impersonating authentic AI, gaming, and Web3 projects to deceive unsuspecting victims.
These cybercriminals employ clever social engineering tactics, luring users with promises of crypto rewards to download malicious software disguised as beta-testing applications.
The operation primarily targets users through popular platforms including X (formerly Twitter), Telegram, and Discord. The scammers bolster their credibility by posting from compromised accounts and by copying the public roadmaps of legitimate startups so that the fake projects appear trustworthy.
As detailed in this investigation into crypto-stealing malware disguised as test applications, victims are redirected to phishing websites that closely mimic those of genuine companies. Once a victim runs the fake beta application, the malware quietly harvests system information, including CPU specifications, MAC addresses, and device identifiers. This data fingerprints the infected machine and, according to the report, is used in the attackers' subsequent theft from the victim's cryptocurrency wallets.
What makes this threat particularly dangerous is its cross-platform capability: there are builds for both Windows and macOS. Security analysts note that the malware's techniques closely resemble those of the cybercrime group known as Crazy Evil, suggesting either imitation of that group or a possible connection to it.