A concerning new trend in cryptocurrency scams has emerged, with Telegram-based malware scams surpassing traditional phishing attacks, according to recent data from Scam Sniffer. From November 2024 to January 2025, malicious activity linked to Telegram groups increased by over 2,000%, while regular phishing incidents remained stable.
Unlike typical phishing attempts that aim to steal credentials through deceptive emails or fake websites, these new scams are far more sophisticated. Attackers are leveraging Telegram’s platform to distribute malware through fake verification bots, counterfeit trading groups, fake airdrop groups, and exclusive "alpha" groups. Once victims engage with these fraudulent entities, they are tricked into executing malicious code or installing unverified software, exposing their devices to significant risks.
Scam Sniffer highlighted how much sensitive data this malware can reach. Once installed, it can access stored passwords, scan for wallet files, monitor clipboard activity for sensitive information, and extract browser data. These capabilities give attackers broader access than traditional scams, making it easier to execute large-scale thefts.
The shift in tactics is attributed to increased user awareness of signature scams, which traditionally relied on deceptive prompts to get victims to authorize malicious transactions. As a result, attackers are moving toward malware-based approaches, which provide broader access to victim data and make losses harder to track.
To mitigate these risks, Scam Sniffer advised users to avoid executing unknown commands, refrain from installing unverified software, and remain cautious of group invites that create a sense of urgency. Hardware wallets were also recommended as a robust security measure to protect digital assets.
The surge in Telegram malware scams underscores the need for heightened vigilance in the crypto community. Scam Sniffer warned users that no legitimate crypto service would ask them to execute commands, install verification software, or run clipboard-based scripts. Safeguarding device security, they stressed, is critical to protecting digital assets.
As attackers continue to evolve their methods, it is essential for users to stay informed and implement robust security practices. The rise of Telegram malware scams serves as a stark reminder of the ever-present threats in the cryptocurrency space.