Crypto Scams Surge on Telegram Through Malware Tactics
Please note that we are not authorised to provide any investment advice. The content on this page is for information purposes only.
Crypto scammers have increasingly targeted Telegram users with sophisticated malware, leading to a sharp rise in Telegram scams. According to Scam Sniffer in an X post on January 15, these scams have evolved from traditional phishing methods to advanced malware attacks, with a reported 2,000% increase in such cases since November.
Telegram Scams Hit New Highs Amid Malware Threat
Unlike conventional phishing, where users are tricked into connecting their wallets to fraudulent sites, these new scams involve distributing malware through fake verification bots in trading groups, airdrop communities, and other Telegram channels.
Scam Sniffer highlighted that once users interact with these fake bots, such as “OfficiaISafeguardRobot” or “SafeguardsAuthenticationBot,” malicious software is installed on their devices.
This malware can steal passwords, private keys, wallet files, and browser data. “Once you execute their code or install their verification software, they can access your passwords, scan for wallet files, monitor your clipboard and steal browser data,” the firm stated.
Scam Sniffer first flagged the rise of Telegram scams in December when scammers began impersonating crypto influencers on platforms like X (formerly Twitter).
They used these fake accounts to direct users into Telegram groups, offering investment tips or other incentives. Once inside, users were required to verify their identity through malicious bots, which injected malware into their systems.
Scammers Adapt to Increased Awareness
In a January 4 update, Scam Sniffer explained that scammers are now infiltrating legitimate project communities with fake invites. “This shift in tactics indicates scammers are adapting to increased user awareness about phishing links. Instead, they’re leveraging more sophisticated social engineering through Telegram bots,” the firm said.
1/5 🚨 UPDATE: The scammers have evolved their tactics beyond crypto influencers.
They're now targeting legitimate project communities with seemingly harmless invites. https://t.co/6MQkDWCLrr pic.twitter.com/vNL7FtCgDK
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) January 5, 2025
Another method involves fake Cloudflare verification pages, where users are instructed to paste text into their clipboard. This seemingly innocuous action secretly installs malware capable of compromising their wallets.
The shift to malware tactics offers scammers broader access to victims’ assets and makes losses harder to track.
As Scam Sniffer pointed out, “Malware attack losses are nearly impossible to measure. But the massive shift in scammer tactics tells us one thing — it’s working.”
This trend is part of a broader issue in the crypto industry. A report by Cyvers, an on-chain security firm, revealed that $2.3 billion in crypto was stolen across 165 incidents in 2024, marking a 40% increase from 2023. However, there was a decline compared to the $3.78 billion stolen in 2022.
Scammers also target faith communities, as seen in a recent $6 million crypto fraud case involving Washington State pastor Francier Obando Pinillo.
According to the CFTC, Pinillo allegedly used his church connections and social media to lure over 1,500 victims into a fake crypto investment scheme, promising monthly returns of up to 34.9%.
