Artificial intelligence (AI) makes life easier not only for us, but also for cybercriminals.
It allows them to mount extensive campaigns to deceive people, efforts that would otherwise take months. Security researchers have discovered a new information-stealing malware masquerading as video calling software. Hackers have built an entire website and set up companies, using AI to make the malware appear harmless.
They have even created social media accounts to add an extra layer of legitimacy. People are tricked into installing malicious video calling software, and once they do, their personal information and cryptocurrency are stolen.
What you need to know about the malware
Cado Security Labs has discovered a new, sophisticated scam targeting people. The scam involves a crypto stealer called Realst, which has versions for both macOS and Windows and has been active for about four months.
The hackers behind this malware have gone all out and set up fake company websites, complete with AI-generated blogs, product content, and social media accounts on platforms like Twitter and Medium. The company they pretend to be is called ‘Meetio’, although they have used different names in recent months, including Clusee, Cuesee, Meeten and Meetone.
The scam works in a few different ways. Users on Telegram are often contacted by someone pretending to be a friend or acquaintance. The scammers pitch a business opportunity and ask for a phone call. In one case, the scammer even sent an investment presentation from the target’s own company, which made the scam feel more realistic and personal. Other victims report making Web3-related calls, downloading the software, and having their cryptocurrency stolen.
Once the scammer makes contact, the target is usually redirected to the Meeten website to download the malicious software. But even before the malware is installed, the website features JavaScript that can steal cryptocurrency stored in web browsers. It is a multi-step scam designed to trick you.
How the malware works
Once victims are sent to the “Meeten” website, they are given the option to download the software. The file they download contains a program called ‘fastquery’, although other versions of the malware have a different file type (DMG) with a multi-architecture configuration.
When the victim opens the program, two error messages appear. The first says, “Cannot connect to the server. Please reinstall or use the VPN,” and has a “Continue” button. The malware also uses a macOS tool to ask the user for a password, a common trick among macOS malware.
The malware then searches various files on the victim’s computer to find sensitive information such as passwords and account information. It creates a folder to store this stolen data and then compresses it into a zip file. This zip file is sent to a remote server along with some system data. The server receives information such as the build version of the system, along with the stolen data.
Once the data is sent, the malware deletes any temporary files that were created. The stealer can obtain sensitive information such as Telegram login details, bank card details and data from web browsers (such as Google Chrome, Opera, Brave, Microsoft Edge, Arc, CocCoc and Vivaldi). It can steal things like saved passwords, cookies and browsing history.
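For defenders, the sequence described above (read several applications' credential stores, build a zip, send it out, delete the temporary files) can be matched as an ordered chain per process. The sketch below is an added example, not code from Cado Security Labs or the original article; the event format, the store paths (assumed default macOS locations for some of the browsers named above), the addresses and the thresholds are all constructed for illustration.

```python
from collections import defaultdict

# Path fragments for credential stores (assumed default macOS locations).
STORES = {
    "Google/Chrome": "Chrome",
    "BraveSoftware/Brave-Browser": "Brave",
    "Microsoft Edge": "Edge",
    "com.operasoftware.Opera": "Opera",
    "Vivaldi": "Vivaldi",
    "Telegram Desktop": "Telegram",
}
APP = "/Users/a/Library/Application Support/"

# Constructed telemetry: (seconds, pid, process, action, target).
EVENTS = [
    (0, 411, "fastquery", "read", APP + "Google/Chrome/Default/Login Data"),
    (1, 411, "fastquery", "read", APP + "BraveSoftware/Brave-Browser/Default/Cookies"),
    (2, 411, "fastquery", "read", APP + "Telegram Desktop/tdata/key_datas"),
    (3, 411, "fastquery", "create", "/tmp/stage/out.zip"),
    (4, 411, "fastquery", "connect", "203.0.113.10:443"),
    (5, 411, "fastquery", "delete", "/tmp/stage/out.zip"),
    # A browser reading only its own store and going online is normal.
    (0, 500, "Google Chrome", "read", APP + "Google/Chrome/Default/Login Data"),
    (9, 500, "Google Chrome", "connect", "198.51.100.7:443"),
]

def store_of(path):
    """Return the application whose credential store contains this path."""
    return next((app for frag, app in STORES.items() if frag in path), None)

def find_stealer_chains(events, window=120, min_stores=2):
    """Flag processes that read several apps' stores, zip, upload, then clean up."""
    state = defaultdict(lambda: {"stores": set(), "first": None, "zip": None, "sent": False})
    hits = []
    for ts, pid, proc, action, target in sorted(events):
        s = state[pid]
        if action == "read" and store_of(target):
            s["stores"].add(store_of(target))
            s["first"] = ts if s["first"] is None else s["first"]
        elif action == "create" and target.endswith(".zip") and len(s["stores"]) >= min_stores:
            s["zip"] = target          # archive built after the credential reads
        elif action == "connect" and s["zip"]:
            s["sent"] = True           # outbound connection after staging
        elif action == "delete" and s["sent"] and target == s["zip"]:
            if ts - s["first"] <= window:
                hits.append((pid, proc, sorted(s["stores"])))
            del state[pid]             # chain finished; reset this process
    return hits

if __name__ == "__main__":
    for pid, proc, stores in find_stealer_chains(EVENTS):
        print(f"ALERT pid={pid} {proc}: read {stores}, zipped, uploaded, cleaned up")
```

Requiring reads across at least two different applications is what keeps a browser touching its own profile from raising an alert.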
6 ways you can protect yourself from sneaky macOS malware
1. Check sources before downloading software: Always make sure you download software from legitimate, trusted sources. Be careful with download links sent via unsolicited messages or emails, especially if they come with urgent requests or business opportunities.
The best way to protect yourself from malicious links that install malware and potentially gain access to your private data is to install antivirus software on all your devices. This protection can also alert you to phishing emails and ransomware attacks, keeping your personal data and digital assets safe. Get my top picks for the best antivirus protection winners of 2024 for your Windows, Mac, Android, and iOS devices.
2. Be careful with unexpected contact: If you receive messages from unknown contacts on platforms such as Telegram or social media, especially if you are asked to schedule calls or discuss business opportunities, verify the identity of the sender before taking action. Cybercriminals often pose as friends or colleagues to gain trust.
3. Enable two-factor authentication (2FA): Use 2FA on your accounts, especially for sensitive services like cryptocurrency wallets, banking and messaging apps. This adds an extra layer of protection in case your credentials are compromised.
4. Use strong and unique passwords: To protect your Mac from malware, it’s also crucial that you use strong, unique passwords for all your accounts and devices. Avoid reusing passwords for different sites or services. A password manager can be incredibly helpful here. It generates and stores complex passwords for you, making them difficult for hackers to crack.
It also keeps all your passwords in one place and fills them in automatically when you log into accounts, so you don’t have to remember them yourself. By reducing the number of passwords you have to remember, you are less likely to reuse them, reducing the risk of security breaches. Learn more about my best expert-rated password managers of 2024 here.
5. Keep your software up to date: Make sure that both macOS and all installed applications are up to date. Apple regularly releases security patches and updates that address vulnerabilities. Enable automatic updates for macOS and your apps to stay protected without having to manually check for updates. If you need more help, see my guide on how to keep all your devices up to date.
6. Invest in personal data deletion services: Consider services that remove your personal information from public databases. This reduces the chance of your data being misused in phishing or other cyber attacks after a breach and reduces the chance that potential attackers will find you or contact you at all. See my top picks for data deletion services here.
Kurt’s most important takeaway
AI allows scammers to launch malicious campaigns on a scale we’ve never seen before, and it’s likely to get worse as AI models continue to improve. This makes it crucial to have tools that can detect AI-generated content, allowing people to better protect themselves from these scams. In the meantime, trust your common sense, look out for warning signs, and only install software from reputable platforms. For video calls, stick to well-known and trusted platforms such as Zoom, FaceTime, Google Meet and Webex. If someone sends you a random link to a video call, politely ask them to schedule the call using one of these trusted platforms.
Copyright 2024 CyberGuy.com. All rights reserved.