Artificial intelligence (AI) is rapidly evolving, and while it offers numerous benefits, it also empowers cybercriminals to develop increasingly sophisticated scams. Security researchers recently discovered a new info-stealing malware disguised as video-calling software, highlighting the growing threat of AI-driven cybercrime.
A man conducting a Google search on his laptop (Kurt "CyberGuy" Knutsson)
The Malware's Deceptive Tactics
Cado Security Labs has exposed this complex scam involving a crypto stealer known as Realst, affecting both macOS and Windows users. The perpetrators have created a convincing facade, including fake company websites, AI-generated content, and social media profiles. They operate under various names, such as "Meetio," "Clusee," "Cuesee," "Meeten," and "Meetone."
The scam often begins with a Telegram message from someone impersonating a friend or acquaintance, proposing a business venture and suggesting a video call. In some instances, scammers have even used the victim's own investment presentations to enhance their credibility. Other victims report encountering the malware after downloading software during Web3-related calls.
Targets are directed to the fake website to download the malicious software. However, even before installation, the website employs JavaScript to steal cryptocurrency stored in web browsers.
A woman working on several computers (Kurt "CyberGuy" Knutsson)
How the Malware Operates
Upon downloading the software, victims encounter deceptive error messages prompting them to continue. The malware also utilizes a macOS tool to request a password, a common tactic in macOS malware attacks. It then scans the victim's computer for sensitive data, including passwords and account details, compresses the stolen information, and sends it to a remote server.
The malware targets various data, including Telegram credentials, banking card details, and information from web browsers such as Google Chrome, Opera, Brave, Microsoft Edge, Arc, CocCoc, and Vivaldi. It can steal saved passwords, cookies, and browsing history.
A woman working on her laptop (Kurt "CyberGuy" Knutsson)
Protecting Yourself from AI-Powered Scams
- Verify software sources: Download software only from trusted sources and be wary of links in unsolicited messages.
- Be cautious of unexpected contact: Verify the sender's identity before interacting with unfamiliar contacts.
- Enable two-factor authentication (2FA): Add an extra layer of security to your accounts.
- Use strong, unique passwords: Employ a password manager to generate and store secure passwords.
- Keep software updated: Enable automatic updates for your operating system and applications.
- Consider personal data removal services: Minimize your online footprint by removing your information from public databases.
Key Takeaway
AI is enabling scammers to operate at an unprecedented scale. It's essential to be vigilant, recognize red flags, and only install software from reputable platforms. For video calls, stick to trusted platforms like Zoom, FaceTime, Google Meet, and Webex. If you receive a suspicious video call link, request the caller to use a trusted platform instead.
