The next time someone asks you to download a new app in order to connect with them, make sure to confirm that the app is real. According to Cado Security Labs (via BleepingComputer), a sophisticated scam has been making the rounds, targeting those who work in Web3 with crypto-stealing. A company called Meetio—which has repeatedly changed names in recent months—is reaching out to potential targets to set up video calls. After making contact, they prompt a target to download a meeting app that contains the malware.
The security researchers refer to the scam as “Meeten” after the name of the app and an earlier name of the company. The company has also now gone by Clusee[.]com, Cuesee, Meeten[.]gg, Meeten[.]us, and Meetone[.]gg, as well as its current name, Meetio.
The scammers have gone all out to convince targets of their legitimacy. They went as far as to set up entire fabricated company websites full of AI-generated blog posts, product content, and social media accounts on X and Medium.
“Based on reports from targets, the scam is conducted in multiple ways,” Cado Security Labs says in a blog post. “In one reported instance, a user was contacted on Telegram by someone they knew who wanted to discuss a business opportunity and to schedule a call. However, the Telegram account was created to impersonate a contact of the target. Even more interestingly, the scammer sent an investment presentation from the target’s company to him, indicating a sophisticated and targeted scam. Other reports of targeted users report being on calls related to Web3 work, downloading the software and having their cryptocurrency stolen.”
Tech. Entertainment. Science. Your inbox.
Sign up for the most interesting tech & entertainment news out there.
By signing up, I agree to the Terms of Use and have reviewed the Privacy Notice.
Once the hackers make contact, they direct the targets to the Meeten website to download their malicious meeting app. Even if they avoid the app, Meeten websites contain Javascript capable of stealing cryptocurrency stored in web browsers.
There is a macOS version of the malware as well as a Windows version, so most anyone could potentially fall victim to this scam. Cado says that we “must remain vigilant by verifying sources, implementing strict security practices, and monitoring for suspicious activity.”