Cado Security Labs has flagged a malicious program that targets cryptocurrency wallets on Windows and macOS. The malware, active for four months, poses as a meeting application. Sensitive data such as browser credentials, banking information, and hardware wallet details are at risk.
The malware, named Realst, is spread through AI-generated websites. These websites mimic legitimate platforms with fabricated reviews, blogs, and fake social media accounts to appear genuine. Victims are often approached on platforms like Telegram by scammers pretending to offer business opportunities or impersonating trusted contacts.
Researchers noted that scammers increasingly rely on AI to generate realistic content, making detection harder. The malware has been identified under multiple aliases, including Meetio, Clusee[.]com, and Meeten[.]gg. In addition to installing malware, these websites run malicious JavaScript in the background to steal crypto stored in web browsers.
Social engineering continues to be a leading tactic in crypto scams. Last month, a whale investor lost over $6 million in a similar scheme involving a link mimicking Zoom. Another case involved a $50 million hack of Radiant Capital, where malware was disguised as a PDF file.
Experts warn that such scams have drained billions from the crypto sector. Losses from phishing scams in November alone exceeded $9 million. These incidents highlight the importance of vigilance and robust security measures in protecting digital assets.