Individuals in the Web3 sector have been subjected to a novel scam campaign that distributes the Realst information-stealing malware through the fraudulent video conferencing app Meetio, previously known as Clusee, Cuesee, Meeten, and Meetone, according to The Hacker News.
After leveraging artificial intelligence to create a website establishing the app’s legitimacy, threat actors proceeded to lure targets on Telegram into downloading the app to join a meeting regarding an investment opportunity, a report from Cado Security revealed. Downloading the app on iOS would trigger an incompatibility warning that seeks system password inputting, which would allow the Realst infostealer to steal cryptocurrency wallets, Telegram credentials, iCloud Keychain information, banking details, and browser cookies. On the other hand, such an app for Windows features a legitimate Brys Software-signed installer with an Electron app that facilitated Realst stealer executable retrieval. Such findings come amid the increasing prevalence of software brand spoofing to spread information-stealing payloads.