Scammers are deploying a new tactic that combines fake social media accounts, malicious Telegram bots, and crypto-stealing malware to exploit unsuspecting victims, according to blockchain security firm Scam Sniffer. This is reportedly the first instance of scammers using such a sophisticated combination of tools to target crypto users.
How the Scam Works
Scammers impersonate popular cryptocurrency influencers on X (formerly Twitter), using fake accounts to lure users into fraudulent Telegram groups. Once users join, they are introduced to a fake verification bot called “OfficiaISafeguardBot,” which creates a false sense of urgency by imposing a short verification window.
Here’s how the scam unfolds:
- Invitation to Telegram Groups: Victims are promised investment insights or exclusive opportunities.
- Fake Verification Process: Users are directed to interact with a malicious bot disguised as a verification tool.
- Malware Injection: The bot deploys PowerShell code that downloads malware, targeting the user’s computer and crypto wallets.
This malware can compromise private keys, enabling scammers to steal funds directly from crypto wallets. Scam Sniffer confirmed that recent cases involving stolen crypto wallets were all linked to the fake Safeguard bot.
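The bot name quoted above is spelled with an uppercase "I" where "Official" would have a lowercase "l". As an added example (not code from Scam Sniffer or the original article), the Python sketch below flags handles in which a watched word only appears after look-alike characters are folded back to the letters they imitate. The watch list, the character map, and every sample handle other than the one named in the article are constructed assumptions.

```python
# Added example: triage chat-bot handles for look-alike character substitution.
# The watch list and character map are assumptions chosen for illustration.

# Characters commonly used to imitate another letter in Latin-only handles.
CONFUSABLES = str.maketrans({"I": "l", "1": "l", "0": "o"})

# Words a moderator or security team wants to protect (assumed list).
WATCHED = ("official", "safeguard", "verify", "wallet")


def fold(handle: str) -> str:
    """Replace look-alike characters with the letter they imitate, then lowercase.

    The translation runs before lowercasing so that an uppercase "I"
    is still distinguishable from a genuine lowercase "i".
    """
    return handle.translate(CONFUSABLES).lower()


def hidden_keywords(handle: str) -> list[str]:
    """Return watched words that show up only after folding.

    A word present in the folded form but absent from the plain lowercase
    form means the handle reads as that word without actually containing it.
    """
    plain = handle.lower()
    folded = fold(handle)
    return [word for word in WATCHED if word in folded and word not in plain]


def triage(handles: list[str]) -> dict[str, list[str]]:
    """Map each suspicious handle to the words it imitates."""
    return {h: hits for h in handles if (hits := hidden_keywords(h))}


# First entry is the name reported in the article; the rest are constructed.
SAMPLES = [
    "OfficiaISafeguardBot",
    "OfficialSafeguardBot",
    "Safeguard0fficia1Bot",
    "WaIIetVerifyBot",
    "InfoBot",
]

if __name__ == "__main__":
    for handle, hits in triage(SAMPLES).items():
        print(f"{handle}: imitates {', '.join(hits)}")
```

A hit means only that the handle is visually deceptive; a handle that passes this check can still be an impersonation, so it complements the source verification recommended later in the article rather than replacing it.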
A Surge in Impersonation and Scams
Scam Sniffer noted a significant increase in scam-related activities:
- Impersonation on X: An average of 300 impersonator accounts have been detected daily in December, compared to 160 per day in November.
- Financial Losses: At least two victims lost over $3 million after clicking on malicious links and signing fraudulent transactions.
The security firm also warned that the infrastructure supporting such malware scams is becoming increasingly sophisticated. Successful heists appear to fuel a “scam-as-a-service” model, where malicious tools are rented out to other bad actors.
Broader Cyber Threats
The rise in malware attacks isn’t limited to fake Telegram bots. Other cybersecurity firms have flagged emerging threats in the Web3 space:
- Cado Security Labs: Reports that Web3 workers are being targeted with fake meeting apps designed to steal credentials and crypto funds.
- Cyvers: Warns of a potential surge in phishing scams during December, as hackers attempt to exploit increased online activity during the holiday season.
Protecting Yourself From Crypto Scams
To avoid falling victim to these sophisticated scams, users should follow these best practices:
- Verify Sources: Double-check the legitimacy of social media accounts and Telegram groups.
- Avoid Urgent Requests: Be cautious of bots or messages that create artificial urgency.
- Inspect Links: Avoid clicking on links from unknown or suspicious accounts.
- Secure Devices: Use updated antivirus software and enable two-factor authentication on all accounts.
- Monitor Wallet Activity: Regularly check wallet activity for unauthorized transactions.
The use of fake Telegram bots and social engineering represents an alarming evolution in crypto-related scams. As these methods grow more sophisticated, users must stay vigilant and exercise caution when interacting online. By adopting proactive security measures, crypto enthusiasts can safeguard their assets from malicious actors.