Scammers use Telegram bots to inject malware and steal crypto
Scammers are increasingly employing fake Telegram verification bots to inject crypto-stealing malware into users' systems, according to blockchain security firm Scam Sniffer.
In a December 10 post on X, Scam Sniffer highlighted a new tactic where scammers create counterfeit accounts impersonating popular crypto influencers.
These fake accounts invite users to join Telegram groups with promises of exclusive investment insights.
Once users join these groups, they are prompted to verify their identities through a malicious bot named “OfficiaISafeguardBot,” which creates a sense of urgency with short verification windows.
The bot then executes a malicious PowerShell code that downloads and runs malware designed to compromise computer systems and crypto wallets.
Scam Sniffer reported numerous cases where this type of malware has led to the theft of private keys from victims' wallets.
“This is the first time we’re seeing this specific combination of fake X accounts, fake Telegram channels, and malicious Telegram bots,” the firm noted.
While malware targeting regular users has been around for some time, Scam Sniffer indicated that the infrastructure supporting such attacks is rapidly evolving and becoming more sophisticated.
As scammers achieve successful heists, they often adapt their methods into a scam-as-a-service model, similar to how creators of wallet-draining software provide tools to phishing scammers.
The firm also observed a significant increase in impersonation scams on X, with an average of 300 impersonators detected daily in December, compared to 160 in November.
At least two victims have reported losses exceeding $3 million after interacting with these fraudulent accounts and clicking on malicious links.
In addition to these findings, Cado Security Labs has warned that Web3 workers are being targeted by campaigns using fake meeting applications to inject malware and steal credentials related to various platforms.
Similarly, the security platform Cyvers cautioned that phishing attacks could rise in December as hackers seek to exploit increased online transactions during the holiday season.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
New spot margin trading pair — HOLO/USDT!
FUN drops by 32.34% within 24 hours as it faces a steep short-term downturn
- FUN plunged 32.34% in 24 hours to $0.008938, marking a 541.8% monthly loss amid prolonged bearish trends. - Technical breakdowns, elevated selling pressure, and forced liquidations highlight deteriorating market sentiment and risk-off behavior. - Analysts identify key support below $0.0080 as critical, with bearish momentum confirmed by RSI (<30) and MACD indicators. - A trend-following backtest strategy proposes short positions based on technical signals to capitalize on extended downward trajectories.
OPEN has dropped by 189.51% within 24 hours during a significant market pullback
- OPEN's price plummeted 189.51% in 24 hours to $0.8907, marking its largest intraday decline in history. - The token fell 3793.63% over 7 days, matching identical monthly and yearly declines, signaling severe bearish momentum. - Technical analysts cite broken support levels and lack of bullish catalysts as key drivers of the sustained sell-off. - Absence of stabilizing volume or reversal patterns leaves the market vulnerable to further downward pressure.
New spot margin trading pair — LINEA/USDT!
Trending news
MoreCrypto prices
More
