Incident 870: translated-fr-Meeten Malware Campaign Reportedly Undermines Web3 Security Using AI-Legitimized Branding
Description: translated-fr-Threat actors, using aliases such as "Meeten," "Meetio," and "Clusee," reportedly deployed AI-generated content to create fake company websites, blogs, and social media profiles, impersonating legitimate businesses in order to trick Web3 professionals and cryptocurrency users into downloading Realst malware. The malware allegedly targets macOS and Windows platforms, steals credentials, browser data, and cryptocurrency wallet information, exfiltrating sensitive data to remote servers.
Editor Notes: Reconstructing the timeline of events: (1) Around August 2024: Threat actors reportedly began targeting Web3 professionals using Telegram impersonations and phishing schemes. (2) September 2024: Creation of reportedly fake company websites, including domains like "Meeten.us" and "Clusee.com," with AI-generated content. (3) October 2024: Reports of Realst malware allegedly being distributed through these websites. (4) November 2024: Malware analysis revealed technical details of Realst Stealer for macOS and Windows, which also included its ability to exfiltrate sensitive data to remote servers. (5) December 6, 2024: Cado Security Labs publicized their findings.
Entités
Voir toutes les entitésPrésumé : Un système d'IA développé et mis en œuvre par Meeten , Meetone , Meetio , Clusee , Cuesee , Generative AI tools , Electron framework et Realst Stealer, a endommagé Web3 professionals et Cryptocurrency users.
Statistiques d'incidents
Risk Subdomain
A further 23 subdomains create an accessible and understandable classification of hazards and harms associated with AI
4.3. Fraud, scams, and targeted manipulation
Risk Domain
The Domain Taxonomy of AI Risks classifies risks into seven AI risk domains: (1) Discrimination & toxicity, (2) Privacy & security, (3) Misinformation, (4) Malicious actors & misuse, (5) Human-computer interaction, (6) Socioeconomic & environmental harms, and (7) AI system safety, failures & limitations.
- Malicious Actors & Misuse
Entity
Which, if any, entity is presented as the main cause of the risk
Human
Timing
The stage in the AI lifecycle at which the risk is presented as occurring
Post-deployment
Intent
Whether the risk is presented as occurring as an expected or unexpected outcome from pursuing a goal
Intentional
Rapports d'incidents
Chronologie du rapport
Les laboratoires de sécurité Cado ont identifié une nouvelle arnaque sophistiquée ciblant les personnes qui travaillent dans le Web3. La campagne comprend le voleur de crypto-monnaies Realst qui possède des variantes macOS et Windows, et es…
L'intelligence artificielle (IA) facilite la vie non seulement pour nous, mais aussi pour les cybercriminels.
Elle leur permet de créer des campagnes élaborées pour tromper les gens, des efforts qui prendraient autrement des mois. Des cher…
Variantes
Une "Variante" est un incident de l'IA similaire à un cas connu—il a les mêmes causes, les mêmes dommages et le même système intelligent. Plutôt que de l'énumérer séparément, nous l'incluons sous le premier incident signalé. Contrairement aux autres incidents, les variantes n'ont pas besoin d'avoir été signalées en dehors de la base de données des incidents. En savoir plus sur le document de recherche.
Vous avez vu quelque chose de similaire ?
Incidents similaires
Selected by our editors
Did our AI mess up? Flag the unrelated incidents
The DAO Hack
· 24 rapports
A Chinese Tech Worker at Zhihu Fired Allegedly via a Resignation Risk Prediction Algorithm
· 4 rapports
Game AI System Produces Imbalanced Game
· 11 rapports
Incidents similaires
Selected by our editors
Did our AI mess up? Flag the unrelated incidents
The DAO Hack
· 24 rapports
A Chinese Tech Worker at Zhihu Fired Allegedly via a Resignation Risk Prediction Algorithm
· 4 rapports
Game AI System Produces Imbalanced Game
· 11 rapports