A recent study by Darktrace has revealed a new wave of cryptocurrency scams where perpetrators are using complex social engineering methods to infect victims with malicious software.
Scammers' Methods
According to researchers, the campaign typically starts with scammers using fake accounts on social networks to contact potential victims. They may pose as representatives of new startups in AI, gaming, and Web3, offering cryptocurrency rewards in exchange for testing software.
Infection and Data Collection
After contacting the victim, scammers direct them to fake websites made to look like those of legitimate startups, complete with elements such as whitepapers and roadmaps. The victim then downloads a malicious application that triggers a Cloudflare verification screen and collects system information such as CPU details, MAC address, and user ID. This information is then sent to the attacker's server.
Threat Analysis
Experts at Darktrace believe the methods used in this campaign are consistent with tactics employed by cybercriminal groups such as CrazyEvil, which specifically target crypto communities. The scammers have created fake companies and use social media to target victims, and are reportedly earning millions of dollars from their malicious activities.
Numerous similar campaigns have been identified over recent months, emphasizing the need for user vigilance and the adoption of security measures to guard against cyber threats.