Cybersecurity firm Cado Security Labs has issued a warning about a sophisticated campaign aimed at Web3 workers. The scam, detailed in a Dec. 6 report by Cado’s threat research lead Tara Gould, involves fraudulent meeting apps designed to deliver malware and steal credentials.

The attackers craft fake company websites and social media profiles using AI to appear legitimate. They then approach targets, urging them to download a meeting app called "Meeten," which frequently rebrands under names like “Meetio” and others such as Clusee.com, Meeten.gg, and Meetone.gg.

Once installed, the app deploys a Realst info stealer, capable of extracting sensitive data like Telegram logins, bank card details, and crypto wallet credentials. It also hunts for browser cookies and autofill data, targeting platforms such as Google Chrome, Microsoft Edge, Ledger, Trezor, and Binance Wallets.

Scammers are employing advanced social engineering tactics. In one case, a victim was contacted on Telegram by someone impersonating a trusted acquaintance and was presented with a genuine-looking investment presentation from their own company. These targeted methods highlight the sophistication of the scam.

Gould reported that some victims have joined Web3-related calls, downloaded the malicious software, and subsequently lost their cryptocurrency. This evolving scam poses a serious threat to individuals and businesses in the Web3 space.

Web3 workers are advised to remain vigilant, verify all downloads, and rely only on trusted sources for apps. With scammers continually refining their tactics, caution and proactive cybersecurity measures are critical to avoiding losses.