Bitprismia

Darktrace warns of social engineering scams deploying crypto-stealing malware

2025-07-11 08:05:01

Main Idea

Scammers are impersonating AI, gaming, and Web3 startups on platforms like X, Telegram, and Discord to deceive users into providing sensitive information or cryptocurrency payments.

Key Points

1. Scammers offer cryptocurrency payments in exchange for testing software to lure victims.

2. North Korean hackers target macOS, collecting verification details like CPU info, MAC address, and user ID to determine viable targets.

3. A second-stage payload is deployed if verification succeeds, often stealing wallet credentials, browser data, and encrypted Telegram files.

4. Groups like CrazyEvil create fake software companies using platforms like Twitter and Medium to target crypto-related communities.

5. The Lazarus hacking group deployed malware strains such as 'NimDoor' and 'OtterCookie' through fake interviews or malicious SDK updates.

Description

Researchers at cybersecurity company Darktrace have warned that threat actors are using increasingly sophisticated social engineering tactics to infect victims with crypto-stealing malware. In its latest blog post, Darktrace researchers detailed an elaborate campaign in which scammers were found to be impersonating AI, gaming, and Web3 startups to trick users into downloading malicious software. The scheme relies on verified and compromised X accounts, as well as project documentation hosted on legit...
