Artificial intelligence (AI) is making life easier not only for us but also for cybercriminals.
It’s allowing them to create elaborate campaigns to fool people, efforts that would otherwise take months. Security researchers have discovered a new information-stealing malware that masquerades as video calling software. Hackers have built an entire website and invented companies, using artificial intelligence to make the malware appear harmless.
They have even created social media accounts to add an extra layer of legitimacy. People are tricked into installing the video calling malware, and once they do, it steals their personal information, data and cryptocurrencies.
What you need to know about malware
Cado Security Labs has discovered a new and sophisticated scam targeting people. The scam involves a cryptocurrency stealer called Realst, which has versions for both macOS and Windows and has been active for about four months.
The hackers behind this malware have gone all out and created fake business websites with AI-generated blogs, product content, and social media accounts on platforms like Twitter and Medium. The company they claim to be is called “Meetio”, although they have used different names in recent months, including Clusee, Cuesee, Meeten and Meetone.
The scam works in different ways. Users are often contacted on Telegram by someone posing as a friend or acquaintance. Scammers present a business opportunity and ask to schedule a call. In one case, the scammer even sent an investment presentation from the target’s own company, which made the scam seem more real and personal. Other victims report that they were on Web3-related calls, downloaded the software, and had their cryptocurrencies stolen.
Once the scammer gets in touch, the target is usually directed to the Meeten website to download the malware. But even before the malware is installed, the website has JavaScript that can steal cryptocurrency stored in web browsers. It is a multi-step scam designed to trick you.
How malware works
Once victims are sent to the “Meeten” website, they are given the option to download the software. The file they download contains a program called “fastquery”, although other versions of the malware come as a different file type (DMG) with a multi-architecture configuration.
When the victim opens the program, two error messages appear. The first one says, “Can’t connect to the server. Please reinstall or use a VPN” and has a “continue” button. The malware also uses a macOS tool to prompt the user for a password, a common trick in macOS malware.
The malware then searches various files on the victim’s computer for sensitive information, such as passwords and account details. It creates a folder to store this stolen data and then compresses it into a zip file. This zip file, along with some system data, is sent to a remote server. The server receives information such as the build version of the system, along with the stolen data.
Once the data is sent, the malware deletes the temporary files it created. The stealer is capable of capturing sensitive information such as Telegram credentials, bank card details, and data from web browsers (such as Google Chrome, Opera, Brave, Microsoft Edge, Arc, CocCoc, and Vivaldi). It can steal things like saved passwords, cookies, and browsing history.
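The chain described above (a password prompt, reads of browser and Telegram data, a zip archive, an upload, then deletion of the archive) can be matched per process in endpoint telemetry. The Python below is an added example, not code from this article or from the researchers; the event format, the path fragments and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict

# Path fragments for credential stores: assumptions for this example, not from the article.
STORES = {"Google/Chrome": "chrome", "BraveSoftware": "brave",
          "Microsoft Edge": "edge", "Telegram Desktop/tdata": "telegram"}
ORDER = ["collect", "stage", "exfil", "cleanup"]  # chain described in the article
LIB = "/Users/a/Library/Application Support/"

# Constructed telemetry: (seconds, pid, process, action, target).
EVENTS = [
    (0, 411, "fastquery", "password_prompt", "dialog"),
    (2, 411, "fastquery", "read", LIB + "Google/Chrome/Default/Login Data"),
    (3, 411, "fastquery", "read", LIB + "Telegram Desktop/tdata/key_datas"),
    (4, 411, "fastquery", "write", "/tmp/stage_x/out.zip"),
    (5, 411, "fastquery", "net_send", "198.51.100.7:443"),
    (6, 411, "fastquery", "delete", "/tmp/stage_x/out.zip"),
    (1, 502, "Google Chrome", "read", LIB + "Google/Chrome/Default/Cookies"),
    (7, 502, "Google Chrome", "net_send", "203.0.113.9:443"),
    (3, 610, "backup-tool", "write", "/tmp/docs.zip"),
]

def stage_of(action, target, st):
    """Map one event to a chain stage (or None), updating per-process state."""
    if action == "password_prompt":
        st["prompted"] = True
    elif action == "read":
        hits = [app for frag, app in STORES.items() if frag in target]
        st["apps"].update(hits)
        return "collect" if hits else None
    elif action == "write" and target.endswith(".zip"):
        st["archives"].add(target)
        return "stage"
    elif action == "net_send":
        return "exfil"
    elif action == "delete" and target in st["archives"]:
        return "cleanup"

def detect(events, min_apps=2):
    """Return {pid: summary} for processes that complete the chain in order.
    'collect' only counts once stores of min_apps different apps were read."""
    procs = defaultdict(lambda: {"apps": set(), "archives": set(), "prompted": False, "next": 0})
    for _ts, pid, name, action, target in sorted(events):
        st = procs[pid]
        st["name"] = name
        stage = stage_of(action, target, st)
        ready = stage != "collect" or len(st["apps"]) >= min_apps
        if st["next"] < len(ORDER) and stage == ORDER[st["next"]] and ready:
            st["next"] += 1
    return {pid: {"process": s["name"], "apps": sorted(s["apps"]), "prompted": s["prompted"]}
            for pid, s in procs.items() if s["next"] == len(ORDER)}
```

Requiring reads from several different apps before the archive step keeps a browser that touches only its own profile, or a backup tool that only zips and uploads, from matching.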
Six ways to stay safe from deceptive macOS malware
1. Check sources before downloading software: Always make sure to download software from legitimate and trustworthy sources. Be careful when downloading anything from links sent through unsolicited messages or emails, especially if they involve urgent requests or business opportunities.
The best way to protect yourself from malicious links that install malware and potentially access your private information is to have antivirus software installed on all of your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my top picks for the best antivirus protection winners of 2024 for your Windows, Mac, Android, and iOS devices.
2. Be careful with unexpected contacts: If you receive messages from unknown contacts on platforms such as Telegram or social networks, especially those asking you to schedule calls or discuss business opportunities, verify the identity of the sender before taking any action. Cybercriminals often pose as friends or colleagues to gain trust.
3. Enable two-factor authentication (2FA): Turn on 2FA for your accounts, particularly for sensitive services like cryptocurrency wallets, banking and messaging apps. This adds an extra layer of protection in case your credentials are compromised.
4. Use strong and unique passwords: To protect your Mac from malware, it’s also essential to use strong, unique passwords for all your accounts and devices. Avoid reusing passwords for different sites or services. A password manager can be incredibly helpful here. It generates and stores complex passwords, making it difficult for hackers to crack them.
It also keeps track of all your passwords in one place and auto-fills them for you when you sign in to accounts so you don’t have to remember them yourself. By reducing the number of passwords you need to remember, you are less likely to reuse them, reducing the risk of security breaches. Get more details about my best expert-reviewed password managers of 2024 here.
5. Keep your software up to date: Make sure macOS and all installed apps are up to date. Apple frequently releases security patches and updates that address vulnerabilities. Enable automatic updates for macOS and your apps to stay protected without having to manually check for updates. If you need more help, see my guide to keeping all your devices updated.
6. Invest in personal data removal services: Consider services that remove your personal information from public databases. This reduces the chances of your data being exploited in phishing or other cyber attacks after a breach and reduces the chances of potential attackers finding or contacting you in the first place. Check out my top picks for data removal services here.
Kurt’s Key Takeaway
AI allows fraudsters to launch malicious campaigns on a scale we have never seen before and is likely to get worse as AI models continue to improve. This makes it essential to have tools that can detect AI-generated content, which will help people better protect themselves against these scams. In the meantime, trust your common sense, watch out for red flags, and only install software from reputable platforms. For video calls, use well-known and trusted platforms such as Zoom, FaceTime, Google Meet, and Webex. If someone sends you a random video call link, politely ask them to schedule the call using one of these trusted platforms.
Should companies do more to help users detect and protect themselves from AI-powered scams? Let us know by writing to us at Cyberguy.com/Contact
Copyright 2024 CyberGuy.com. All rights reserved.