Description: Threat actors, using aliases such as "Meeten," "Meetio," and "Clusee," reportedly deployed AI-generated content to create fake company websites, blogs, and social media profiles, impersonating legitimate businesses in order to trick Web3 professionals and cryptocurrency users into downloading Realst malware. The malware allegedly targets macOS and Windows platforms, steals credentials, browser data, and cryptocurrency wallet information, exfiltrating sensitive data to remote servers.
Editor Notes: Reconstructing the timeline of events: (1) Around August 2024: Threat actors reportedly began targeting Web3 professionals using Telegram impersonations and phishing schemes. (2) September 2024: Creation of reportedly fake company websites, including domains like "Meeten.us" and "Clusee.com," with AI-generated content. (3) October 2024: Reports of Realst malware allegedly being distributed through these websites. (4) November 2024: Malware analysis revealed technical details of Realst Stealer for macOS and Windows, which also included its ability to exfiltrate sensitive data to remote servers. (5) December 6, 2024: Cado Security Labs publicized their findings.
Entities
Alleged: Meeten, Meetone, Meetio, Clusee, Cuesee, Generative AI tools, Electron framework and Realst Stealer developed and deployed an AI system, which harmed Web3 professionals and Cryptocurrency users.
Incident Stats
Incident ID: 870
Report Count: 2
Incident Date: 2024-12-06
Editors: Daniel Atherton
Incident Reports
cadosecurity.com · 2024
Cado Security Labs have identified a new sophisticated scam targeting people who work in Web3. The campaign includes crypto stealer Realst that has both macOS and Windows variants, and has been active for around four months. The threat acto…
foxnews.com · 2024
Artificial intelligence (AI) is making life easier not just for us but also for cybercriminals.
It is enabling them to create elaborate campaigns to deceive people, efforts that would otherwise take months. Security researchers have discov…
Similar Incidents
Selected by our editors
- The DAO Hack · 24 reports
- A Chinese Tech Worker at Zhihu Fired Allegedly via a Resignation Risk Prediction Algorithm · 4 reports
- Game AI System Produces Imbalanced Game · 11 reports