Description: Threat actors, using aliases such as "Meeten," "Meetio," and "Clusee," reportedly deployed AI-generated content to create fake company websites, blogs, and social media profiles, impersonating legitimate businesses in order to trick Web3 professionals and cryptocurrency users into downloading Realst malware. The malware allegedly targets macOS and Windows platforms, steals credentials, browser data, and cryptocurrency wallet information, exfiltrating sensitive data to remote servers.
Editor Notes: Reconstructing the timeline of events: (1) Around August 2024: Threat actors reportedly began targeting Web3 professionals using Telegram impersonations and phishing schemes. (2) September 2024: Creation of reportedly fake company websites, including domains like "Meeten.us" and "Clusee.com," with AI-generated content. (3) October 2024: Reports of Realst malware allegedly being distributed through these websites. (4) November 2024: Malware analysis revealed technical details of Realst Stealer for macOS and Windows, which also included its ability to exfiltrate sensitive data to remote servers. (5) December 6, 2024: Cado Security Labs publicized their findings.
Entités
Voir toutes les entitésPrésumé : Un système d'IA développé et mis en œuvre par Meeten , Meetone , Meetio , Clusee , Cuesee , Generative AI tools , Electron framework et Realst Stealer, a endommagé Web3 professionals et Cryptocurrency users.
Statistiques d'incidents
Risk Subdomain
A further 23 subdomains create an accessible and understandable classification of hazards and harms associated with AI
4.3. Fraud, scams, and targeted manipulation
Risk Domain
The Domain Taxonomy of AI Risks classifies risks into seven AI risk domains: (1) Discrimination & toxicity, (2) Privacy & security, (3) Misinformation, (4) Malicious actors & misuse, (5) Human-computer interaction, (6) Socioeconomic & environmental harms, and (7) AI system safety, failures & limitations.
- Malicious Actors & Misuse
Entity
Which, if any, entity is presented as the main cause of the risk
Human
Timing
The stage in the AI lifecycle at which the risk is presented as occurring
Post-deployment
Intent
Whether the risk is presented as occurring as an expected or unexpected outcome from pursuing a goal
Intentional
Rapports d'incidents
Chronologie du rapport
Les laboratoires de sécurité Cado ont identifié une nouvelle arnaque sophistiquée ciblant les personnes qui travaillent dans le Web3. La campagne comprend le voleur de crypto-monnaies Realst qui possède des variantes macOS et Windows, et es…
L'intelligence artificielle (IA) facilite la vie non seulement pour nous, mais aussi pour les cybercriminels.
Elle leur permet de créer des campagnes élaborées pour tromper les gens, des efforts qui prendraient autrement des mois. Des cher…
Variantes
Une "Variante" est un incident qui partage les mêmes facteurs de causalité, produit des dommages similaires et implique les mêmes systèmes intelligents qu'un incident d'IA connu. Plutôt que d'indexer les variantes comme des incidents entièrement distincts, nous listons les variations d'incidents sous le premier incident similaire soumis à la base de données. Contrairement aux autres types de soumission à la base de données des incidents, les variantes ne sont pas tenues d'avoir des rapports en preuve externes à la base de données des incidents. En savoir plus sur le document de recherche.
Incidents similaires
Selected by our editors
Did our AI mess up? Flag the unrelated incidents
The DAO (organization)
· 24 rapports
Chinese tech workers outraged by surveillance tool that flags employees who look likely to quit
· 4 rapports
6 goof-ups that show AI is still in its diapers
· 11 rapports
Incidents similaires
Selected by our editors
Did our AI mess up? Flag the unrelated incidents
The DAO (organization)
· 24 rapports
Chinese tech workers outraged by surveillance tool that flags employees who look likely to quit
· 4 rapports
6 goof-ups that show AI is still in its diapers
· 11 rapports