Description: Threat actors, using aliases such as "Meeten," "Meetio," and "Clusee," reportedly deployed AI-generated content to create fake company websites, blogs, and social media profiles, impersonating legitimate businesses in order to trick Web3 professionals and cryptocurrency users into downloading Realst malware. The malware allegedly targets macOS and Windows platforms, steals credentials, browser data, and cryptocurrency wallet information, exfiltrating sensitive data to remote servers.
Editor Notes: Reconstructing the timeline of events: (1) Around August 2024: Threat actors reportedly began targeting Web3 professionals using Telegram impersonations and phishing schemes. (2) September 2024: Creation of reportedly fake company websites, including domains like "Meeten.us" and "Clusee.com," with AI-generated content. (3) October 2024: Reports of Realst malware allegedly being distributed through these websites. (4) November 2024: Malware analysis revealed technical details of Realst Stealer for macOS and Windows, which also included its ability to exfiltrate sensitive data to remote servers. (5) December 6, 2024: Cado Security Labs publicized their findings.
Entities
View all entitiesAlleged: Meeten , Meetone , Meetio , Clusee , Cuesee , Generative AI tools , Electron framework and Realst Stealer developed and deployed an AI system, which harmed Web3 professionals and Cryptocurrency users.
Incident Stats
Risk Subdomain
A further 23 subdomains create an accessible and understandable classification of hazards and harms associated with AI
4.3. Fraud, scams, and targeted manipulation
Risk Domain
The Domain Taxonomy of AI Risks classifies risks into seven AI risk domains: (1) Discrimination & toxicity, (2) Privacy & security, (3) Misinformation, (4) Malicious actors & misuse, (5) Human-computer interaction, (6) Socioeconomic & environmental harms, and (7) AI system safety, failures & limitations.
- Malicious Actors & Misuse
Entity
Which, if any, entity is presented as the main cause of the risk
Human
Timing
The stage in the AI lifecycle at which the risk is presented as occurring
Post-deployment
Intent
Whether the risk is presented as occurring as an expected or unexpected outcome from pursuing a goal
Intentional
Incident Reports
Reports Timeline
Cado Security Labs have identified a new sophisticated scam targeting people who work in Web3. The campaign includes crypto stealer Realst that has both macOS and Windows variants, and has been active for around four months. The threat acto…
Artificial intelligence (AI) is making life easier not just for us but also for cybercriminals.
It is enabling them to create elaborate campaigns to deceive people, efforts that would otherwise take months. Security researchers have discov…
Variants
A "variant" is an incident that shares the same causative factors, produces similar harms, and involves the same intelligent systems as a known AI incident. Rather than index variants as entirely separate incidents, we list variations of incidents under the first similar incident submitted to the database. Unlike other submission types to the incident database, variants are not required to have reporting in evidence external to the Incident Database. Learn more from the research paper.
Similar Incidents
Selected by our editors
Did our AI mess up? Flag the unrelated incidents
The DAO Hack
· 24 reports
A Chinese Tech Worker at Zhihu Fired Allegedly via a Resignation Risk Prediction Algorithm
· 4 reports
Game AI System Produces Imbalanced Game
· 11 reports
Similar Incidents
Selected by our editors
Did our AI mess up? Flag the unrelated incidents
The DAO Hack
· 24 reports
A Chinese Tech Worker at Zhihu Fired Allegedly via a Resignation Risk Prediction Algorithm
· 4 reports
Game AI System Produces Imbalanced Game
· 11 reports