Beware: Malware Crypto Scams Are Now Running Rampant on Telegram

Telegram malware scams have surpassed traditional phishing. Since November 2024, malicious groups on this messaging app have increased by more than 2,000%, while regular phishing has remained stable, a crypto security team warned.
Scam Sniffer stressed that these are not typical "connect wallet" scams. Instead, attackers are distributing sophisticated malware through multiple fake channels, such as verification bots, trading groups, crypto airdrop groups, and "exclusive" groups that promise to share profitable investment ideas.

The crypto security specialists also noted that once the malicious code—pretending to be "verification" software—is installed, perpetrators can access victims' passwords, scan for wallet files, monitor clipboards, and steal browser data.
According to Scam Sniffer, phishing criminals have changed their tactics because crypto asset users are now more knowledgeable about signature scams. Also, this type of malware allows greater access to victims' data. Moreover, losses from these types of increasingly popular attacks are said to be harder to track.
The security team suggested several measures to help protect oneself from these types of crimes. Here’s how you can do it:
- Never run unknown commands
- Don’t install unverified software
- Avoid clipboard-based verification
- Be skeptical of urgent group invites
- Use hardware wallets
They also urged everyone to remember that no legitimate crypto service will ever ask a user to execute commands, install verification software, or run scripts from their clipboard.
This follows reports from December when a new sophisticated scam targeting crypto users through fake Telegram groups was discovered.
The criminals are targeting potential victims by impersonating crypto influencers and using malicious bots for verification.
"This represents a new evolution in crypto scams—moving beyond simple phishing to combine social engineering with malware," Scam Sniffer concluded at the time.