New Malware Targeting Crypto Wallets: Realst
A new piece of malware is targeting web3 professionals' cryptocurrency wallets and other sensitive information by posing as a meeting app.
This malware was detected by cybersecurity firm Cado Security Labs and has reportedly been active for about four months.
This software, called Realst, can infect both Windows and Mac operating systems and targets cryptocurrency wallets, browser-stored credentials, bank card information and hardware wallet data.
The malware is designed to look like a legitimate meeting app to trick users. Cybercriminals used artificial intelligence to spread this software through websites, creating fake product reviews, blog posts and social media accounts.
This fake content makes it easier to convince users and harder to detect the fraud. Researchers state that fraudsters use artificial intelligence to create “realistic website content,” making the scams more believable.
The malware has been identified under many different aliases. The software, currently known as Meetio, has also been spotted in the past under names such as Clusee[.]com, Cuesee, Meeten[.]gg, Meeten[.]us and Meetone[.]gg.
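The domains listed above can be checked against historical web-proxy or DNS logs. The following Python sketch is an added example, not code from Cado Security Labs or from this article; the log format, the client addresses and all function names are assumptions, and the log lines are constructed.

```python
import re

# Domains exactly as the article lists them (defanged). "Cuesee" and "Meetio"
# appear there without a TLD, so they are not matched here.
PAGE_INDICATORS = ["Clusee[.]com", "Meeten[.]gg", "Meeten[.]us", "Meetone[.]gg"]

# Constructed sample log, assumed format: "<timestamp> <client-ip> <url>".
SAMPLE_LOG = """\
2024-01-01T10:01:02Z 10.0.0.5 https://meeten.gg/download
2024-01-01T10:01:05Z 10.0.0.6 https://app.meetone.gg:443/join?id=1
2024-01-01T10:02:00Z 10.0.0.7 https://notmeeten.gg/
2024-01-01T10:02:10Z 10.0.0.8 https://meeten.gg.example.org/x
2024-01-01T10:02:30Z 10.0.0.8 https://meeten.gg@login.example.org/
2024-01-01T10:03:00Z 10.0.0.9 http://CLUSEE.com./
""".splitlines()

def refang(indicator):
    """Turn a defanged indicator such as name[.]tld into a plain lowercase host."""
    return indicator.strip().lower().replace("[.]", ".").rstrip(".")

def host_of(url):
    """Extract the lowercase hostname from a URL or bare host[:port]."""
    s = re.sub(r"^[a-z][a-z0-9+.-]*://", "", url.strip().lower())
    s = re.split(r"[/?#]", s, maxsplit=1)[0]   # drop path, query, fragment
    s = s.rsplit("@", 1)[-1]                   # drop userinfo (user@host)
    return s.split(":", 1)[0].rstrip(".")      # drop port and trailing dot

def match(host, domains):
    """Return the listed domain that host equals or is a subdomain of, else None.
    Comparing on a label boundary avoids hits on look-alike or nested names."""
    for d in domains:
        if host == d or host.endswith("." + d):
            return d
    return None

def scan(log_lines, indicators=PAGE_INDICATORS):
    """Return (client, host, matched_domain) for every log line that hits."""
    domains = [refang(i) for i in indicators]
    hits = []
    for line in log_lines:
        fields = line.split()
        if len(fields) < 3:
            continue                           # skip malformed lines
        host = host_of(fields[2])
        hit = match(host, domains)
        if hit:
            hits.append((fields[1], host, hit))
    return hits

if __name__ == "__main__":
    for client, host, domain in scan(SAMPLE_LOG):
        print(f"{client} contacted {host} (listed domain: {domain})")
```

Because the sites run malicious JavaScript in the browser, a hit means the client may have been exposed even if no installer was downloaded.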
Scammers use social engineering techniques to target their victims. They trap victims through social media platforms such as Telegram, often by presenting themselves as trustworthy people or offering fake job opportunities. These social engineering methods allow the malware to infect more people.
Another particularly noteworthy threat is that the websites hosting this malware run malicious JavaScript in the background, stealing cryptocurrencies stored in users’ web browsers.
This happens before the malware itself is installed, meaning victims can have their information stolen even before they install the software. This poses an additional danger to potential victims.
Such scams have targeted crypto holders before. Last month, a major whale investor lost $6 million worth of cryptocurrency after being tricked by scammers. These scammers convinced the victim to click on a fake video conferencing link that resembled the Zoom platform.
Additionally, the $50 million hack of the decentralized finance platform Radiant Capital was carried out with a similar social engineering scam. Hackers carried out the attack by tricking users into clicking on a PDF file that concealed the malware.
Coinbase experts describe social engineering scams as the “number one threat to crypto enthusiasts.” Scammers have managed to steal billions of dollars worth of funds from the crypto industry over the years. In November alone, $9 million in losses were reported due to crypto phishing scams.
Such attacks can put users at risk no matter how strong their security measures are. Being careful and security-conscious stands out as the best protection against such attacks in the cryptocurrency world.