AI Incident Database

Incident 870: Meeten Malware Campaign Reportedly Undermines Web3 Security Using AI-Legitimized Branding

Description: Threat actors, using aliases such as "Meeten," "Meetio," and "Clusee," reportedly deployed AI-generated content to create fake company websites, blogs, and social media profiles, impersonating legitimate businesses in order to trick Web3 professionals and cryptocurrency users into downloading Realst malware. The malware allegedly targets macOS and Windows platforms, steals credentials, browser data, and cryptocurrency wallet information, exfiltrating sensitive data to remote servers.
Editor Notes: Reconstructing the timeline of events: (1) Around August 2024: Threat actors reportedly began targeting Web3 professionals using Telegram impersonations and phishing schemes. (2) September 2024: Creation of reportedly fake company websites, including domains like "Meeten.us" and "Clusee.com," with AI-generated content. (3) October 2024: Reports of Realst malware allegedly being distributed through these websites. (4) November 2024: Malware analysis revealed technical details of Realst Stealer for macOS and Windows, which also included its ability to exfiltrate sensitive data to remote servers. (5) December 6, 2024: Cado Security Labs publicized their findings.

Entities

Alleged: Meeten, Meetone, Meetio, Clusee, Cuesee, Generative AI tools, Electron framework and Realst Stealer developed and deployed an AI system, which harmed Web3 professionals and Cryptocurrency users.
Alleged implicated AI systems: Generative AI tools, Electron framework and Realst Stealer

Incident Stats

Incident ID: 870
Report Count: 2
Incident Date: 2024-12-06
Editors: Daniel Atherton
Applied Taxonomies: MIT

MIT Taxonomy Classifications

Machine-Classified

Risk Subdomain: 4.3. Fraud, scams, and targeted manipulation
(A further 23 subdomains create an accessible and understandable classification of hazards and harms associated with AI.)

Risk Domain: 4. Malicious Actors & Misuse
(The Domain Taxonomy of AI Risks classifies risks into seven AI risk domains: (1) Discrimination & toxicity, (2) Privacy & security, (3) Misinformation, (4) Malicious actors & misuse, (5) Human-computer interaction, (6) Socioeconomic & environmental harms, and (7) AI system safety, failures & limitations.)

Entity: Human
(Which, if any, entity is presented as the main cause of the risk.)

Timing: Post-deployment
(The stage in the AI lifecycle at which the risk is presented as occurring.)

Intent: Intentional
(Whether the risk is presented as occurring as an expected or unexpected outcome from pursuing a goal.)

Incident Reports

Meeten Malware: A Cross-Platform Threat to Crypto Wallets on macOS and Windows
cadosecurity.com · 2024

Cado Security Labs have identified a new sophisticated scam targeting people who work in Web3. The campaign includes crypto stealer Realst that has both macOS and Windows variants, and has been active for around four months. The threat acto…

AI-powered deception: The sneaky macOS malware masquerading as your next video call
foxnews.com · 2024

Artificial intelligence (AI) is making life easier not just for us but also for cybercriminals. 

It is enabling them to create elaborate campaigns to deceive people, efforts that would otherwise take months. Security researchers have discov…

Variants

A "variant" is an incident that shares the same causative factors, produces similar harms, and involves the same intelligent systems as a known AI incident. Rather than index variants as entirely separate incidents, we list variations of incidents under the first similar incident submitted to the database. Unlike other submission types to the incident database, variants are not required to have reporting in evidence external to the Incident Database. Learn more from the research paper.

Similar Incidents

Selected by our editors

  • HTML/Nomani Deepfake Phishing Campaigns Allegedly Use AI-Generated Content to Defraud Social Media Users (Dec 2024 · 1 report)

By textual similarity

  • The DAO Hack (Jun 2016 · 24 reports)
  • A Chinese Tech Worker at Zhihu Fired Allegedly via a Resignation Risk Prediction Algorithm (Feb 2022 · 4 reports)
  • Game AI System Produces Imbalanced Game (Jun 2016 · 11 reports)
