Cybercriminals have launched an advanced campaign targeting Web3 professionals by distributing fake video conferencing software. The malware, known as Meeten, infects both Windows and macOS systems, stealing sensitive data, including cryptocurrency, banking details, browser-stored information, and Keychain credentials. Active since September 2024, Meeten masquerades as legitimate software while compromising users’ systems.
Evolution of the Meeten Campaign
The campaign, uncovered by Cado Security Labs, represents an evolving strategy among threat actors. Frequently rebranded to appear authentic, fake meeting platforms have been renamed as Clusee, Cuesee, and Meetone. These platforms are supported by highly convincing websites and AI-generated social media profiles.
How Victims Are Targeted:
- Phishing schemes and social engineering tactics are the primary methods.
- Attackers impersonate trusted contacts on platforms like Telegram.
- Victims are directed to download the fraudulent Meeten app, often accompanied by fake company-specific presentations.
On macOS, the malware is distributed as CallCSSetup.pkg. Key behaviors include:
- Escalates privileges by prompting users for their system password via legitimate macOS tools.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: