The number of malware scams targeting crypto investors on Telegram has increased dramatically, outpacing traditional phishing attacks.
This was reported by blockchain security company Scam Sniffer, The Block writes. According to the company, the number of such attacks increased by 2,000% between November 2024 and January 2025.
Unlike the usual phishing attacks that rely on fake websites, the new wave of scams uses more sophisticated methods. Attackers infiltrate legitimate crypto communities on Telegram, masquerading as reputable members and sending seemingly safe invitations. The goal is to trick users through fake verification processes.
«These are not your typical “wallet connection”» scams, — explains Scam Sniffer. «The attackers are distributing sophisticated malware through fake verification bots, fake trading groups, fake airdrop groups, and “exclusive” alpha groups».
Once the victim passes the fake verification, malicious code is embedded in their clipboard that downloads the malware. This allows attackers to access passwords, crypto wallets, and browser data.
Experts say that scammers have changed tactics as crypto users have become more wary of traditional scam schemes. With Telegram, which is widely used in crypto communities, attackers are significantly expanding their reach.
«Remember: no legitimate crypto service will ever ask you to execute commands, install verification software, or run scripts from your clipboard», — warns Scam Sniffer.
Chainalysis' data underscores the scale of the threat. Losses from fraud and hacking attacks in the cryptocurrency sector in 2024 reached $2.2 billion, which is 24% more than in the previous year. The bulk of these illegal actions fall on decentralized finance (DeFi) platforms. Experts urge crypto investors to be vigilant, especially on platforms such as Telegram.
Author: Taras Mishchenko – Editor-in-Chief Mezha.Media, has over 15 years of experience in IT journalism, writes about new technologies and gadgets