Catenaa, Thursday, January 23, 2025- Crypto scammers have made a major pivot to Telegram, with malware scams now surpassing traditional phishing in volume, increasing by 2,000% since November, according to security firm Scam Sniffer.
These new scams involve sophisticated malware distributed through fake verification bots in fraudulent Telegram groups, including fake trading, airdrop, and alpha groups.
Once installed, the malware allows scammers to access users’ passwords, scan for wallet files, monitor clipboards, and steal browser data.
Scam Sniffer has identified at least two fake bots OfficiaISafeguardRobot and SafeguardsAuthenticationBot — which scammers use to infect devices.
These attacks go beyond the typical “connect wallet” schemes, which have become easier to detect. Instead, scammers are exploiting social engineering tactics to deceive users into installing malicious software.
The shift began after scammers noticed users were becoming more cautious about phishing links. They now target legitimate crypto communities with fake invites, using Telegram bots to inject malware once users verify themselves. This method, while difficult to trace, has proven effective for attackers.
In 2024, $2.3 billion worth of cryptocurrency was stolen, a 40% increase from 2023, as reported by Cyvers. The increase underscores the growing sophistication of these scams, which continue to evolve in response to heightened user awareness.
