Crypto hackers take a new spin on fake job scams, dropping ‘vicious’ malware
Crypto hackers have reportedly discovered a new way to trick their victims into downloading “nasty” malware.
According to blockchain sleuth Taylor Monahan, known as Ty on X, the hackers first pose as recruiters from a well-known crypto company, offering their targets a salary of $200,000 to $350,000.
Source: Taylor Monahan
But instead of tricking the target into opening a PDF containing the malware, or tricking the victim into downloading video calling software disguised as malware, it involves the victim following instructions to troubleshoot microphone and video access.
“If you follow their instructions, you're screwed.”
How victims fall victim to malware attacks
The malevolent actor first hits the interviewer with a series of long-answer interview questions before one final question, which must be videotaped.
However, victims realize there is a problem with giving access to the microphone and camera and are told they have a cache problem before being given instructions on a “workaround” to fix the problem, Monahan added.
Once you do, Chrome will ask you to update/restart to ‘fix the problem'. It's not fixing the issue. It will totally annoy you.”
After clicking on the screenshot of the message victims access their camera and microphone. Source: Taylor Monahan
Monahan said the malware gives the attackers “backdoor” access to the victim's device, so they can drain crypto funds.
Malware attacks work for Mac, Windows, and Linux operating systems, she added, adding that “they'll eventually find you again the way you want them to.”
Related: Fraudsters are using Telegram authentication bots to inject crypto-stealing malware.
According to Monahan, fake recruiters are targeting popular crypto companies like Gemini and Kraken by advertising everything from business development manager roles to analyst and researcher positions on the professional networking site LinkedIn.
The hackers contacted people on freelancer websites, Discord and Telegram.
Questions asked in the written interview included what crypto trends the victim thinks will be most important to the industry in the next 12 months, and how a business development representative should expand a crypto company partnership in Southeast Asia or Latin America on a “limited budget.”
Monahan suggests cleaning up computers that are already vulnerable to malware.
Everyone should be “cautious” and “suspicious,” she added.
Magazine: Story Protocol Creators Help AI Survive Crypto Attacks With ‘Programmable IP'
