Crypto Wallets Continue to be Drained in Elaborate Social Media Scam

July 16, 2025, 7:45 p.m.

Description

An ongoing social engineering campaign is targeting cryptocurrency users through fake startup companies impersonating AI, gaming, and Web3 firms. The scammers create elaborate facades using spoofed social media accounts and project documentation on platforms like Notion and GitHub. They contact victims offering to pay them to test software, which is actually malware designed to steal crypto wallet contents. The campaign uses both Windows and macOS malware, including information stealers like Atomic Stealer. The threat actors go to great lengths to appear legitimate, even creating fake conference photos and merchandise stores. Multiple fake company identities have been identified as part of this campaign.

External References

https://www.darktrace.com/blog/crypto-wallets-continue-to-be-drained-in-elaborate-social-media-scam
https://otx.alienvault.com/pulse/6877cefd95d4f7f393a22c79
Tags
malware
social engineering
impersonation
windows
cryptocurrency
macos
fake companies
atomic stealer
information stealer
realst
2025-07-16

Date

  • Created: July 16, 2025, 4:10 p.m.
  • Published: July 16, 2025, 4:10 p.m.
  • Modified: July 16, 2025, 7:45 p.m.

Indicators

  • d207c35dc226e917efa445d8b428fe4f49db00a0
Download all indicators here!

Additional Informations

  • Technology
  • Finance