Crypto scammers increasingly use Telegram to distribute malware scams, with reported activity rising by 2,000% since November.
Security firm Scam Sniffer has highlighted this concerning trend, noting that these scams are significantly more sophisticated than traditional phishing attempts.
1/6 📊 ALERT: Our data shows a concerning trend—Telegram malware scams have surpassed traditional phishing!
From Nov 2024 to Jan 2025:
– Malicious Telegram group scams increased by 2000%+
– Regular phishing remained stableHere’s why this matters… 🧵 https://t.co/6MQkDWCLrr pic.twitter.com/U6YBtbaPHK
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) January 16, 2025
Scammers now use fake verification bots in fraudulent Telegram groups to distribute malware. These bots, such as OfficiaISafeguardRobot and SafeguardsAuthenticationBot, can steal passwords, scan wallet files, monitor clipboards, and access browser data.
Scam Sniffer reported that this shift reflects scammers’ adaptation to growing user awareness of signature-based scams. Malware allows attackers broader access to victims’ digital assets, making stolen funds harder to trace.
The security firm first flagged this issue in December after observing scammers impersonating popular crypto influencers on X. These impostors lure users into Telegram groups with promises of investment insights, only to deploy malware via fake verification processes.
Another common ploy involves fake Cloudflare verification pages that prompt users to copy and paste malicious text into their clipboards, compromising their systems.
In a January 4 update, Scam Sniffer revealed that scammers now target legitimate crypto project communities with seemingly harmless invites, further leveraging social engineering to exploit victims.
“Unlike signature phishing (where we tracked $494M+ stolen in 2024), malware attack losses are nearly impossible to measure. But the massive shift in scammer tactics tells us one thing – it’s working,”
the firm warned, urging users to remain vigilant and avoid interacting with suspicious Telegram bots or links.
In a related development, Law enforcement in Limassol, Cyprus, is investigating a fraudulent cryptocurrency trading platform that scammed a 50-year-old man out of over $58,000. The site’s professional design and interactive tools attracted the victim, falsely showing growing investments. After making multiple transactions, his attempts to withdraw funds were blocked, and scammers demanded additional fees to “unlock” the money, exemplifying advance-fee fraud.
If you want to read more news articles like this, visit DeFi Planet and follow us on Twitter, LinkedIn, Facebook, Instagram, and CoinMarketCap Community.
“Take control of your crypto portfolio with MARKETS PRO, DeFi Planet’s suite of analytics tools.”
