Scammers Use Fake Telegram Bots to Raid Crypto Wallets

Scammers Target Crypto Investors Using Fake Telegram Bots

Scam Sniffer, a blockchain security firm, has raised a major alarm over an emerging scam technique that combines social engineering and malware to steal cryptocurrency from unsuspecting users. The scammers have been creating fake X (formerly Twitter) accounts, impersonating well-known crypto influencers, to deceive users into joining fraudulent Telegram groups.

Once users enter these groups, they are immediately prompted to verify their identity through a fake verification bot named “OfficiaISafeguardBot.” The bot pushes an urgent call to action, creating a false sense of urgency with short verification windows that pressure users into completing the process quickly.

This is where the scam takes a more dangerous turn. Upon completion of the verification, the bot injects malicious PowerShell code into the users device. The code runs silently, downloading and executing malware that compromises both computer systems and crypto wallets. The malware often leads to the theft of private keys, giving scammers complete access to victims' funds.

In a Dec. 10 post on X, Scam Sniffer confirmed that it has seen numerous cases where this scam led to significant crypto losses. The firm said that many of the recent thefts were directly linked to the fake verification bot. While its not yet clear if other malicious bots are in circulation, Scam Sniffer has warned that it is easy for scammers to imitate other well-known figures and create multiple malicious bots to widen their attack reach.

Sophistication of Malware Infrastructure

Scam Sniffer noted that while malware targeting regular users is not a new phenomenon, the infrastructure and sophistication of these attacks have been growing at an alarming rate. The firm explained that scammers are evolving their tactics into a scam-as-a-service model. This means successful attackers, having stolen significant amounts of cryptocurrency, are now offering their tools and techniques to other scammers, effectively renting out their malware to phishing operators and targeting even more victims.

The surge in scam-as-a-service is a growing concern for the crypto community, as it allows less experienced scammers to launch attacks without developing their own malicious software. These developments mean that the crypto space is facing increasingly sophisticated threats, which are harder to detect and prevent.

According to Scam Sniffer, this type of malware distribution through Telegram, paired with impersonation tactics on X, is unprecedented. This is the first time they have observed a combination of fake social media accounts, fraudulent Telegram channels, and malicious Telegram bots in such a coordinated effort to defraud users.

A Surge in Impersonation Scams

The rise in impersonation scams is a notable trend, with Scam Sniffer highlighting a significant increase in fraudulent accounts on X. In a study of recent trends, Scam Sniffer reported a 300% increase in scammers impersonating others on the platform, with more than 300 fake accounts detected daily in December alone. This marks a significant jump from the previous month when the average was just 160 accounts.

Scammers often use these impersonated accounts to shill fake links and fraudulent tokens, hoping to lure victims into clicking on links that lead to phishing sites or downloading malicious files. These activities have already led to at least two reported incidents in which victims lost millions of dollars. According to Scam Sniffers data, at least $3 million was lost in these scams, primarily due to users signing fraudulent transactions or engaging with malicious links.

Final Thoughts:

As cryptocurrency becomes an increasingly popular and lucrative target, scammers are refining their methods to steal funds from unsuspecting users. The combination of fake X accounts, Telegram impersonation, and malicious bots represents a new and alarming escalation in the tactics used by cybercriminals. Users are urged to be extra cautious when interacting with unknown accounts or bots, particularly on platforms like X and Telegram, where fraudulent activities are on the rise. Always verify the authenticity of any Telegram bot before engaging and never rush through security processes that seem too urgent. Crypto users must prioritize security practices to protect their wallets and assets.