Meeten Malware Exploits Meeting Apps To Target Crypto Wallets - 1

Image by Freepik

Meeten Malware Exploits Meeting Apps To Target Crypto Wallets

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor

A new malware campaign dubbed “Meeten” is targeting Web3 professionals using a fake meeting application to steal sensitive data and cryptocurrency.

In a Rush? Here are the Quick Facts!

  • Meeten malware targets Web3 workers, stealing cryptocurrency and sensitive data.
  • Threat actors use AI-generated content to create fake, convincing corporate websites.
  • The malware has both macOS and Windows variants for cross-platform attacks.

Discovered by Cado Security Labs , the malware operates across macOS and Windows platforms and is part of a sophisticated phishing scam designed to appear legitimate through the use of AI-generated content.

The attackers behind Meeten pose as representatives of a fake company, “Meetio,” which has operated under multiple aliases, including Clusee and Meeten.gg.

To lure victims, the scammers create professional-looking websites, complete with AI-generated blogs and social media profiles, to establish credibility.

Victims are typically approached via Telegram, often by someone impersonating a known contact, and are invited to discuss business opportunities through a video call.

The victim is directed to download the “Meeten” meeting application from the fake company’s website. However, instead of a legitimate conferencing tool, the application is an information stealer.

The malware is designed to exfiltrate cryptocurrency, browser credentials, and sensitive personal information.

In some instances, the scammers demonstrate extensive planning by sending victims investment presentations from their own companies, further convincing them of the scam’s authenticity.

Victims report losing cryptocurrency and other financial assets after downloading the application.

Notably, the Meeten websites also embed JavaScript capable of stealing cryptocurrency stored in browsers, even if the malware itself is not installed. This demonstrates the layered nature of the attack, where victims’ assets can be compromised at multiple stages.

The macOS variant of Meeten disguises itself as a 64-bit Rust binary called “fastquery.” Once executed, it requests the user’s password via a pop-up under the guise of a connection error.

The malware then searches for sensitive information, including browser cookies, autofill credentials, and wallet data from popular crypto wallets such as Ledger and Trezor. The stolen data is packaged into a zip file and sent to a remote server.

The Windows version of Meeten uses an Electron-based application structure to target data from browsers, Telegram credentials, and crypto wallets. It also employs advanced techniques like compiling JavaScript into bytecode to evade detection.

The use of AI in this campaign highlights the increasing sophistication of cyber threats.

AI-generated content adds a veneer of legitimacy, making it harder for users to detect fraudulent websites. This represents a growing trend where AI is used not just for malware development but also to craft convincing social engineering campaigns.

One reported scam involved a victim being contacted by a Telegram account mimicking an acquaintance, complete with a seemingly genuine investment presentation. Once trust was established, the victim was directed to the Meeten website, which hosted the malware.

To avoid falling victim, users are urged to verify the authenticity of business contacts. Always cross-check website URLs, avoid downloading software from unverified sources, and maintain strict cybersecurity practices.

MacOS Malware Surge Fueled by Generative AI, Experts Warn - 2

Image by Freepik

MacOS Malware Surge Fueled by Generative AI, Experts Warn

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor

Cybersecurity experts from Moonlock have raised the alarm about a rise in macOS malware driven by generative AI tools like ChatGPT.

In a Rush? Here are the Quick Facts!

  • macOS malware surged as its market share rose 60% in three years.
  • Malware-as-a-service (MaaS) has made macOS-targeting malware cheaper and more accessible.
  • AMOS Stealer offers a customizable malware builder and administrative tools for macOS campaigns.

According to Moonlock’s 2024 Threat Report , these tools are enabling cybercriminals to bypass technical barriers and create malicious software with unprecedented speed and ease.

Screenshots shared on darknet forums reveal how hackers are leveraging AI to develop macOS-targeted malware step-by-step.

Inexperienced individuals are using these tools to generate code, build malware packages, and even extract sensitive data, highlighting the alarming role AI now plays in empowering cybercrime.

Once considered a relatively secure platform, macOS has seen a surge in malware threats as its market share grew by 60% over the past three years. Malware-as-a-service (MaaS) models, offering affordable and accessible tools, have fueled this rise.

Hackers are increasingly targeting macOS users with sophisticated malware designed to steal sensitive information, including cryptocurrency wallet details and Keychain data.

The cost of acquiring macOS malware has dropped dramatically. Tools that previously cost tens of thousands of dollars are now available for as little as $1,500 per month, noted Moonlock.

This affordability, combined with AI-assisted malware development, has significantly lowered the barrier to entry for cybercriminals. MaaS has transformed the cybercrime landscape, making macOS malware more accessible than ever, says Moonlock.

Offerings like AMOS Stealer exemplify this shift. Launched in 2023, AMOS provides a customizable malware builder, an administrative panel for managing stolen data, and advanced features tailored to macOS systems, as reported by Moonlock.

Moonlock says that threat actors are employing diverse tactics to distribute malware, such as poisoning Google Ads, creating fake GitHub repositories, and impersonating software downloads.

Moonlock’s report highlights how macOS malware developers are adopting techniques like advanced obfuscation and dynamic code execution to evade detection.

The next generation of malware is expected to feature unpredictable behavior across samples, further complicating defense efforts.

The key to staying safe, experts emphasize, lies in awareness. Cybercriminals rely heavily on social engineering to trick users.

By avoiding suspicious downloads, scrutinizing unusual prompts, and staying informed about evolving threats, macOS users can better protect themselves in an increasingly hostile digital landscape.