Cyber criminals are using Artificial Intelligence (AI) to enhance their attacks by developing more convincing schemes to lure victims.ย A new malware threat has been discovered, disguising itself as a video-calling software to steal personal data and cryptocurrency from unsuspecting victims. Security researchers at Cado Security Labs have identified this crypto stealer, known as Realst, which targets both MacOS and Windows systems and has been active for about four months.
These threat actors are getting creative by building fake but convincing company websites using AI technology. They have also created fraudulent companies under various names including Meetio, Clusee, Cuesee, Meeten, and Meetone. To make their fake companies look real, they employ the help of AI to write blog posts and create social media accounts on Twitter and Medium. By using AI, they can develop well polished and error free post, create phishing campaigns and make fake product information to convince people their software is safe to use.
The attack process works in several ways. The criminals usually contact victims through telegram, pretending to be acquaintances and proposing a business opportunity that requires video calls. When people visit these fake company websites, they encounter JavaScript code designed to steal cryptocurrency stored in web browsers even before any software installation occurs.
After downloading and running the malware, users receive deceptive error messages, asking for their system passwords. The harmful program, often disguised as “fastquery,” then steals all sorts of sensitive information including passwords, banking details, and credentials from various web browsers such as Chrome, Opera, Brave, and Microsoft Edge.
To protect against such AI-powered scams, cybersecurity experts recommend a multi-layered protection. This includes careful verification of software sources, caution towards unexpected business contacts. Implement strong security measures such as two-factor authentication and unique passwords.
Regular software updates, particularly for operating systems and applications, are crucial for maintaining security. Additionally, experts suggest the use of services that remove your personal information from public websites and investing in good antivirus software on your devices. Being careful online and following these safety steps can help you avoid falling for these clever scams.
About the author:
