Crypto Hackers Pose as Recruiters to Spread Malware and Steal Wallets

Crypto hackers have adopted a sophisticated new scam to infiltrate victims’ devices and steal funds, posing as recruiters from reputed cryptocurrency firms offering lucrative salaries.

According to blockchain investigator Taylor Monahan, the attackers target individuals by advertising roles with salaries ranging between $200,000 and $350,000, luring them into their trap.

Hackers Use New Approach to Distribute Malware

Unlike traditional phishing scams, the hackers use an innovative approach to distribute malware.

Victims are instructed to resolve a microphone or video access issue during a supposed interview process.

The fake recruiters conduct lengthy written interviews before asking the final question, which requires a video response recorded through the “Willo | Video Interviewing” platform.

When victims encounter technical difficulties, they are guided to “fix” the issue by clearing their browser cache, prompting Chrome to restart.

However, this “fix” delivers malware that grants the attackers backdoor access to the victim’s devices, enabling them to drain crypto wallets or cause further damage.

Monahan warns that the malware is effective across Mac, Windows, and Linux operating systems, making it a widespread threat. She explains, “If you follow their instructions, you are compromised.”

They'll message via Linkedin (or where ever) for a bit and get some background on you.

Eventually, after some back-and-forth, theyll drop a link to continue the process.

The site—"Willo | Video Interviewing"—is clean. It feels like something a crypto co / startup would use. pic.twitter.com/0VRzfnL9J5

— Tay 💖 (@tayvano_) December 28, 2024

The attackers are reaching victims through LinkedIn, freelancer websites, Discord, and Telegram, using fake job listings for positions such as business development managers, analysts, and researchers at prominent firms like Gemini and Kraken.

The interview questions appear legitimate, probing candidates on industry trends and strategies to expand partnerships in regions like Southeast Asia or Latin America.

However, the intent is to build trust before launching the malware attack.

For those who may have fallen victim, Monahan advises wiping the infected computer to prevent further exploitation.

She also urges the community to remain cautious and skeptical of unsolicited job offers, emphasizing the need for vigilance in the face of increasingly sophisticated scams.

Crypto Industry Lost $1.49B to Hacks and Fraud in 2024

As reported, the crypto industry witnessed losses totaling $1.49 billion in 2024 due to hacks and fraud, marking a 17% decrease from 2023.

According to a report by blockchain security platform Immunefi, hacks were overwhelmingly the primary cause, accounting for $1.47 billion or 98.1% of the total losses across 192 incidents.

Fraud, including rug pulls and scams, represented just 1.9% of the losses at $28 million, though this category saw a 72% increase year-on-year.

The decline in total crypto losses reflects improved security measures, as the number of successful attacks also fell by 27.5%, from 320 in 2023 to 232 in 2024.

Japan’s DMM Bitcoin exchange suffered a $305 million private key breach in May, while WazirX, India’s top crypto exchange, lost $235 million in July after hackers compromised its Ethereum-based multisig wallet.

Together, these two events accounted for 36% of the total losses.

Decentralized finance (DeFi) protocols remained prime targets, representing 51.4% of the losses, while centralized finance (CeFi) platforms accounted for 48.6%.

Notably, CeFi losses surged by 77.5% year-on-year, reaching $726 million.

Ethereum and Binance Smart Chain were the most attacked blockchains, with Ethereum facing 104 incidents that led to 44% of total chain losses.

Source: cryptonews.com