Cybercriminals Swipe Digital Currencies Via "Audio Device Infiltration"
Scammers Target Job Seekers in Cryptocurrency Industry
In a recent development, a cybercrime scheme has been unveiled that aims to steal assets from job seekers targeting cryptocurrency companies. Taylor Monahan, a developer at MetaMask, revealed this scheme that targets macOS, Windows, and Linux operating systems.
The scheme, active on platforms like LinkedIn, Discord, Telegram, and freelance websites, is orchestrated by scammers posing as recruiters from companies such as Kraken, MEXC, Gemini, and Meta. These scammers offer high-paying, remote jobs for technical specialists, traders, and analysts, with salaries ranging from $200,000 to $350,000.
The attack on Japanese cryptocurrency exchange DMM Bitcoin, which resulted in $308 million in losses, was previously carried out by North Korean state-backed hackers known as TraderTraitor. However, it's not specified if the current scheme is linked to any state-sponsored groups.
The scheme typically starts with an initial contact and offer, where the scammer reaches out to job seekers, often through messaging apps or social media, claiming to be a recruiter from a well-known cryptocurrency company or recruitment agency. They offer high-paying, flexible remote jobs that require minimal effort, enticing victims with promises of daily earnings between $250 and $450 or more.
Victims are then directed to fake websites or digital platforms designed to look like legitimate company portals or marketing agencies. These sites often use gamification features—such as VIP levels, streak rewards, and performance incentives—to keep victims engaged and emotionally invested.
Victims are given simple online tasks to complete, which may involve transferring small crypto amounts or using fake crypto wallets. These tasks progressively require larger deposits or transfers, which scammers use to accumulate substantial stolen funds. Scammers demand payments or transfers exclusively in cryptocurrency, exploiting its pseudonymous nature to conceal money flows and facilitate laundering.
In the final stage, candidates are asked to record a video response during the interview process. A pop-up window requests access to the user's microphone and camera. It is not specified what happens after users follow these instructions.
The financial damage caused by this scheme is not specified by Monahan. However, some scam wallets have been documented to receive over $1.2 million within months, showing the scale of these operations.
Scammers may also leverage stolen personal and business contact information obtained through breaches or deceptive tactics to enhance their credibility or target victims with further social engineering attacks.
This scheme seems to be designed to steal sensitive information or assets from the victims. It's crucial for job seekers to exercise caution when applying for remote jobs, especially in the cryptocurrency industry, and to verify the authenticity of job offers before sharing any personal or financial information.
- Despite the lucrative offers of remote jobs with six-figure salaries in finance and technology, it's essential to be mindful of cybersecurity risks when investing in the cryptocurrency industry, given the recent unveiling of schemes aimed at stealing assets from job seekers.
- The scheme, often disguised as legitimate job offers from established cryptocurrency companies, requires victims to repeatedly transfer increasing amounts of cryptocurrency, demonstrating the intertwined nature of finance, technology, and cybersecurity in these scams.
