Crypto Scammers Are Reportedly Posing as Job Recruiters to Circulate Malware

An alert has been posted by MetaMask’s security official Taylor Monahan on X.

Written by Radhika Parashar, Edited by Manas Mitul | Updated: 30 December 2024 21:30 IST

Crypto Scammers Are Reportedly Posing as Job Recruiters to Circulate Malware

Photo Credit: Unsplash/ Towfiqu Barbhuriya

The malware lets the scammers access the victims’ systems

Highlights

FBI says crypto scams are getting increasingly sophisticated
Industry insiders have asked investors to be vigilant
Crypto users been advised against interacting with strangers

Malicious crypto scammers have been found to be fishing for their victims posing as job recruiters online. Popular cyber investigator Taylor Monahan, who goes by the username @tayvano_, has posted an update to his 85,000 followers on X. As per the update, scammers are using recruiting platforms like LinkedIn to reach out to job seekers, asking them to fix issues with video-call software and subsequently injecting malicious malware to get access to the victims' computers. Monahan works in the security division of crypto wallet MetaMask.

The post, part of a thread on the threat, published by Monahan shared screenshots of the job listing circulated by the scammers. The post shows the fraudulent job opening of “Business Development Lead” at an entity named ‘Halliday'. To entice people to apply for this senior level position, the post boasts an annual salary bracket of $300,000 (roughly Rs. 2.56 lakh) to $350,000 (roughly Rs. 2.99 lakh)

Once job seekers end up answering questions, the scammers ask them to record a video answering the last question. On clicking the ‘Request Camera Access' button, another prompt pops up asking the people to fix an issue with the camera or the microphone.

Tether Backs Arcanum Capital’s Web3 Fund With $2 Million Investment

“Once you do it, Chrome will prompt you to update/restart to ‘fix the issue'. It's not fixing the issue. There are SO many malicious actors who spend all day trying to trick you into copy/pasting/run code like this. It will always destroy you,” the Web3 investigator noted.

The screenshot posted by Monahan showed that the malicious ‘fix the issue' message pops up with the title “Access to your camera or microphone is currently blocked”. The investigator also warned that the scammers could give varying instructions to potential victims for fixing the bug, depending on the system they use – Mac, Windows, or Linux.

How it works / what we've seen:

Usually starts with a "recruiter" from known company e.g. Kraken, MEXC, Gemini, Meta.

Pay ranges + messaging style are attractive—even to those not actively job hunting.

Mostly via Linkedin. Also freelancer sites, job sites, tg, discord, etc. pic.twitter.com/vRwJUoKFlB
— Tay :sparkling_heart: (@tayvano_) December 28, 2024

This malware lets the scammers access the victims' systems through backdoor entries, which can subsequently let them get into crypto wallets and drain funds.

If you follow their instructions, you are fucked.

They vary depending whether you are on Mac/Windows/Linux.

But once you do it, Chrome will prompt you to update/restart to "fix the issue."

It's not fixing the issue. It's fully fucking you. pic.twitter.com/ZEn2HpuAEb
— Tay :sparkling_heart: (@tayvano_) December 28, 2024

The FBI, in its recent report, claimed that crypto scammers had become more sophisticated in terms of identifying and attacking their victims. In July, the Securities division of the Washington State Department of Financial Institutions (DFI) also said that scammers had spiked up activities posing as professors or academicians on platforms including Facebook, WhatsApp and Telegram to find and communicate with potential victims.

Russia is Using Bitcoin in Foreign Trade, Finance Minister Says

Insiders from the crypto sector like Monahan have asked people to be vigilant and up to date with community alerts and warnings to prevent risking their funds. Earlier this year, Yi He, the co-founder of Binance, had flagged an impersonation scam that was circulating on X where scammers were misusing her identity to promote a fake crypto token on X.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Cryptocurrency, Scam, LinkedIn, MetaMask, Taylor Monahan

Radhika Parashar

Email Radhika

Radhika Parashar is a senior correspondent for Gadgets 360. She has been reporting on tech and telecom for the last three years now and will be focussing on writing about all things crypto. Besides this, she is a major sitcom nerd and often replies in Chandler Bing and Michael Scott references. For tips or queries you could reach out to her at RadhikaP@ndtv.com. More