Microsoft Survey: A Malicious Actor Impersonates Identity to Launch Attacks on Cryptocurrency Investment Firms on Telegram

ChainCatcher news, Microsoft's security department is investigating an attack by malicious actors targeting various cryptocurrency investment companies. The threat actor tracked as "DEV-013" was able to infiltrate the chat groups of the application Telegram, posing as a representative of a crypto investment company, pretending to discuss trading fees with VIP clients of major exchanges.

The investigation found that their goal was to lure cryptocurrency investment funds into downloading an Excel file. Although the file provided accurate information about the fee structures of major cryptocurrency exchanges, it also contained malicious code that executed another Excel sheet in an invisible mode, allowing the malicious actor to gain remote access to the infected systems of the victims.
(U.Today)