po polsku
illustration: DALL-EThe Web3 sector often boasts offers that seem too good to be true – from investments in crypto tokens to play-to-earn games and job opportunities.
Recently, cybercriminals have been exploiting the trust of some cryptocurrency enthusiasts, tricking them into infecting their systems with info-stealing malware under the pretense of offering lucrative positions in the crypto industry.
Reports Indicate Hundreds of Victims
Sources indicate that the campaign has already affected hundreds of people, though the exact number remains unknown. The malicious campaign is allegedly orchestrated by a Russian threat actor group called "Crazy Evil." The gang`s modus operandi involves using social engineering techniques to deceive unsuspecting targets into installing info-stealing malware on their devices.
Once infected, the malware collects all data deemed useful by cybercriminals, focusing on cookies, credentials, and cryptocurrency wallets. Crazy Evil has gained notoriety for its previous malicious activities in the Web3 sphere, where it was observed running campaigns promoting fake job offers and fraudulent games among users in this space.
Cybercriminals Used a Fake Web3 Company Profile
Web3 professional Choy, who fell victim to the new fake job scam, told BleepingComputer that the threat actors created a sophisticated fake presence for a company named "ChainSeeker[.]io." The fraudulent entity had a website along with LinkedIn and X profiles to reinforce the illusion of legitimacy.
The scammers took it a step further by creating premium job listings on various popular platforms, targeting desirable positions such as social media manager, NFT artist, blockchain analyst, and marketing director.
Targets Redirected to Telegram
Job applicants received an email inviting them for an interview, instructing them to contact a "team member" via Telegram to schedule the meeting. Once in touch with the so-called team member, candidates were provided with a website, a code, and installation instructions for a specific application on their devices.
However, visiting the website and using the provided code triggered the download of rogue Windows or Mac clients loaded with info-stealing malware. Windows users received a combination of a remote access trojan (RAT) and an infostealer, while Mac users were infected with the notorious Atomic Stealer (AMOS) strain.
Campaign Ended, but Victims Remain at Risk
Following the exposure of the malicious campaign, cybercriminals reportedly ended it. The popular Web3 job listing site CryptoJobsList also removed fraudulent postings from its platform, warning previous applicants that they had fallen victim to the scam and advising them to scan their devices for malware.
Unfortunately, cryptocurrency scams continue to plague the digital world, with attackers constantly developing new, cunning techniques to target unsuspecting victims.
– While understanding how crypto scams work and their potential impact on you is crucial for defense, using specialized antivirus software can further enhance your protection – says Arkadiusz Kraszewski of Marken Systemy Antywirusowe, the Polish distributor of Bitdefender software. – With it, you can not only shield yourself from malware but also protect against the consequences of phishing campaigns.
COMMERCIAL BREAK
New articles in section Law in media
SEO Poisoning. Hackers Use Search Engines to Target Businesses
Piotr Rozmiarek
Search engines help us quickly find information, but they can also be used by cybercriminals. SEO poisoning is a tactic where attackers manipulate search engine rankings to place harmful websites at the top of search results.
SLAPP Lawsuits in Europe. How Journalists and Activists Are Silenced
Krzysztof Fiedorek
The number of strategic lawsuits aimed at intimidating journalists, activists, and civil society organizations is increasing in Europe. According to the CASE SLAPPs Report 2024, as many as 1,049 such cases were identified between 2010 and 2023.
Why do People Spread Disinformation? Results of DigiPatch Research
Ewelina Krajczyńska-Wujec
People strongly driven by the need for power are more likely to share posts on social media, including disinformation. Power itself, like the need to gain prestige and recognition, is not associated with the frequency of spreading false information, according to research involving Professor Małgorzata Kossowska from the Jagiellonian University.
See articles on a similar topic:
Harassment of Female Journalists in Poland. Zamenhof Institute Report
RINF
Over half of female journalists have experienced harassment. The report and a dedicated website for the project, offtherecord.zamenhof.pl, present real, anonymous stories of harassed female journalists, along with numerical data documenting the scale of the issue.
Quishing. How to Protect Yourself from QR Code Scams
Krzysztof Fiedorek
According to analysts from Keepnet Labs, quishing will be one of the most serious threats to businesses and individuals in 2024. In 2023, the number of data or money theft cases using this method increased globally by 587%.
Cyber Threats 2023: Phishing Dominates, AI Targeted
Krzysztof Fiedorek
The CERT Orange Polska 2023 report reveals a rapidly evolving cyber threat landscape. Phishing has taken a decisive lead, accounting for over 44% of reported incidents. Advanced social engineering techniques, deepfakes, and a surge in malicious ads lure users with promises of quick profits or easy opportunities.
Sharenting, or Photos of Children Online. IRCenter Study
KrzysztoF
Parents who are internet users eagerly share information about their children online. They publish images, personal information, or life events, often unaware of the risks. Research company IRCenter examined this area of Polish internet activity.
