Microsoft has discovered a new scam targeting crypto firms on Telegram
The cryptocurrency market has grown considerably in recent years, although not in recent months admittedly, and in the process has attracted a wide variety of phishing scams and scammers targeting crypto enthusiasts. It now looks as though there is a new type of scam that is targeting the crypto industry.
The Microsoft Security Threat Intelligence team has published a new report outlining the details of a new threat to cryptocurrency investment companies that is targeting them via Telegram. Microsoft is referring to the new threat actor as DEV-0139. The says:
“DEV-0139 joined Telegram groups used to facilitate communication between VIP clients and cryptocurrency exchange platforms and identified their target from among the members. The threat actor posed as representatives of another cryptocurrency investment company, and in October 2022 invited the target to a different chat group and pretended to ask for feedback on the fee structure used by cryptocurrency exchange platforms.”
This marks an escalation of the common phishing-type scams that see malicious actors trying to trick unsuspecting victims into clicking links to infected sites or downloading malicious files. In this instance, through exhibiting a broader knowledge of the crypto industry, DEV-0139 has been able to gain the trust of representatives from crypto investment companies and trick them into acting against their own interests.
Once contact has been established and trust gained, DEV-0139 pushes victims to download a “weaponized Excel file” called OKX Binance & Huobi VIP fee comparision.xls. Although this file does contain information and tables that look reputable, it also initiates a string of events that lead to the opening of backdoors that give DEV-0139 remote access to the machine.
Microsoft has not attributed this attack to any specific actor or group, instead focusing on the identifier DEV-0139. However, according to a report by BleepingComputer, threat intelligence firm Volexity has published similar findings to Microsoft and connects the threat actor to the North Korean Lazarus Threat Group. The report goes on to say that this group is also thought to be responsible for other big attacks such as the WannaCry ransomware attack of 2017.
This story highlights just how important it is to be careful when interacting online and when clicking links or downloading files. Phishing scams are becoming increasingly prevalent and dangerous, which is why we recommend familiarising yourselves with the tell-tale signs of phishing scams as shown in this infographic looking at scam emails and correspondences.
Most recovery companies will take your money again. I personally don’t think they are the same set of people that run all of them, seems like an unending cycle and it’s too sad. The most crazy thing about the whole internet thing is how you can clone a website to make it look like the real one, I discovered so manrry people fell into this kind of scams. The only recovery company I know that works is Recovering Atusa. com I have been to their physical address to meet them before and the good thing about them is that they will let you know if they can handle your case or not. So they will not just take your money when they already know they won’t help you out.
This website is quickly turning into a M$ love fest, a “ONE MICROSOFT WAY” orgy.
Should it continue, you’ll continue to lose a lot of your readers, including me. What a sad place this is becoming.
As strange as it sounds, MS and Google periodically do good things and discover/break bot operations.
If it’s targeting the crypto bros is it really a scam or a chivalrous deed??
Crypto is just another Ponzi scheme made from nothing physical at all, you can’t own it physically or hold it in your hand at all. Digital fantasy numbers on a computer screen is the dumbest thing ever invented. It also goes against individual freedom and privacy too. People who support this dumb worthless crap on a computer screen are asking to be much bigger slaves to the evil system. If you don’t hold something of real physically value in your possession then you don’t own a damn thing at all.
Crypto goes well with the future that The World Economic Forum has cooked up for us: “You will own nothing and be happy”
asd well that’s only if you comply to the fake Crypto BS or their slavery. By the way central banks around the world are buying up gold and silver like crazy, not retarded digital fantasy numbers on a computer screen made from nothing physical. So this should tell you something about the real future.