Get 125% / $2,500 on 1st deposit!
New players only. Exclusive Welcome Bonus of up to $2,500
Web3 workers face a new threat involving fake meeting apps designed to steal credentials and crypto wallets, according to a recent report by Cado Security Labs. This campaign, which combines social engineering and AI-generated content, has been active for approximately four months, targeting unsuspecting users in the Web3 ecosystem.
The malware campaign revolves around a fake app known as “Meeten,” which frequently rebrands under names like “Meetio,” “Clusee.com,” “Cuesee,” and others. Once users download the app, it installs Realst info-stealing malware. This malicious software hunts for sensitive data, including browser cookies, autofill credentials, and wallet information from platforms like Ledger, Trezor, and Binance.
Cado’s threat research lead, Tara Gould, highlighted how scammers create a facade of legitimacy. “Threat actors use AI to quickly generate realistic website content, making their scams more convincing and harder to detect,” Gould explained. These fake websites, packed with AI-generated blogs and social media content, lure users into downloading malware-laden software.
The scammers employ social engineering techniques to deceive victims. In one reported case, a user was contacted on Telegram by someone impersonating a colleague. The scammer even sent an authentic-looking investment presentation from the victim’s own company to build trust.
Victims have shared experiences of downloading the fake app during Web3-related meetings, leading to the theft of their cryptocurrency. The malware specifically targets Telegram logins, banking information, and crypto wallets, sending the stolen data directly to the attackers.
Additionally, these fake websites use Javascript to steal crypto stored in web browsers, even before users install any software. Both macOS and Windows versions of the malware exist, increasing its reach.
Threat actors leverage AI not only to create malware but also to enhance the credibility of their campaigns. Gould emphasized, “AI enables threat actors to generate content that adds legitimacy to their scams.” By building websites, blogs, and social media profiles with AI tools, scammers make their operations appear authentic, complicating detection efforts.
This campaign underscores the growing sophistication of threats in the Web3 space and the importance of vigilance among its workers.