Hackers Target Crypto Professionals on LinkedIn with Malware Scams
Hackers are targeting crypto professionals on LinkedIn by posing as recruiters from reputable companies and distributing malware that drains victims' wallets. They utilize legitimate tools, such as video interview platforms, and provide convincing job materials to establish trust.
Scam Tactics
Despite LinkedIn's efforts to eliminate millions of fake profiles, advanced scams persist. On December 28, Web3 security expert Taylor Monahan reported that scammers employ wallet-draining malware targeting professionals through LinkedIn.
These scammers create believable LinkedIn profiles and contact users with informal messages, claiming to represent established firms and offering attractive job opportunities. Many victims are lured in, even if they are not actively seeking new jobs. To enhance credibility, attackers use professional tools like the Willo Video platform, frequently utilized by crypto companies. They present detailed job descriptions and interview questions, requesting video responses, while faking technical issues that disable the camera and microphone.
Escalation of the Scam
The scam escalates when victims are directed to a link with supposed troubleshooting instructions that actually infect their devices. Following these steps allows hackers to gain control over the systems. The attack often includes a deceptive Chrome update that compromises the victim further. Monahan stated, “If you follow their instructions, you are fked. They vary depending on your system, but once you do it, Chrome will prompt you to update. It’s not fixing the issue; it’s fully fking you.”
Historical Context
The exact amount stolen through these scams is unknown. However, similar methods were employed in prior incidents, such as the $305 million Bitcoin theft from Ginco, a Japanese crypto wallet company. Investigations involved the FBI, Japan’s National Police, and the Department of Defense Cyber Crime Center, highlighting increasing threats on platforms like LinkedIn.
LinkedIn's Response
Although LinkedIn has made strides in addressing fake accounts, challenges remain. The platform's 2024 fraud report indicated that over 80 million fake profiles were removed in six months, with automated systems blocking 94.6% of these accounts during registration or shortly after. Attackers continue to refine their tactics, complicating prevention efforts.
Conclusion
This trend emphasizes the necessity for heightened vigilance within the crypto industry. Professionals must verify the authenticity of recruiters and job offers to avoid falling victim to evolving hacker tactics.