Cybercriminals are targeting people working in the Web3 industry with fake business meetings, using a fraudulent video conferencing platform that infects Windows and Macs with crypto-stealing malware. The malware, dubbed “Realst,” has both a Windows and a macOS version, stealing cryptocurrency assets, banking information, and sensitive data.
The “Meeten” campaign, launched in September 2024, uses fake branding and AI-generated content to add legitimacy to the malicious software. Victims are often contacted through phishing or social engineering tactics, such as being sent an investment presentation from their own company.
Once installed, the malware steals cryptocurrency stored in web browsers, as well as sensitive data including Telegram credentials, banking card details, and Keychain credentials on Macs. The Windows variant of Realst is digitally signed using a stolen certificate to evade detection.
To avoid falling victim, users should never install software recommended by others without verifying its legitimacy first. Web3 professionals are particularly vulnerable due to the common use of social engineering tactics in this space.
Source: https://www.bleepingcomputer.com/news/security/crypto-stealing-malware-posing-as-a-meeting-app-targets-web3-pros