The rise of cyberattacks continues to test the crypto industry, with hackers constantly refining their tactics. A new wave of scams targeting crypto professionals through LinkedIn has been revealed, demonstrating the growing sophistication of these malicious schemes.
On December 28, Taylor Monahan, a Web3 security expert, revealed a social media scam designed to distribute wallet-draining malware. These cybercriminals pose as recruiters from respected companies, using professional platforms and tools to build trust and lure their victims.
How the LinkedIn Crypto Scam Works
Attackers start by creating fake LinkedIn profiles that appear credible. They then begin informal conversations, claiming to represent well-known companies and offering tempting job opportunities. This tactic is often successful in engaging even those who are not actively looking for a job.
To enhance their deception, scammers use legitimate tools such as the Willo Video interview platform, frequently used by established crypto companies. Victims receive detailed job descriptions and interview questions, which adds a touch of professionalism. They are then asked to record the video responses. However, the platform deliberately blocks the camera and microphone, citing technical issues.
At this point, the scam intensifies. Victims are directed to a “How to Fix” link containing harmful instructions. Following these steps compromises their devices. Once executed, victims unknowingly allow attackers to take control, potentially emptying their crypto wallets.
“If you follow their instructions, you’re screwed. They vary depending on whether you are on Mac/Windows/Linux. But once you do, Chrome will ask you to update/restart to “fix the problem”. This doesn’t solve the problem. It’s crazy about you,” Monahan said.
At press time, it was unclear how much these scams had stolen from crypto users. However, this scheme reflects past incidents, including a high-profile attack targeting employees of Ginco, a Japanese crypto wallet software company. Hackers reportedly stole $305 million in Bitcoin from Bitcoin exchange DMM using these social engineering techniques.
The breach, which was investigated by the FBI, the Japanese National Police and the Department of Defense Cybercrime Center, highlighted the growing threats on platforms like LinkedIn.
Although LinkedIn has taken significant steps to combat fake accounts, the challenges remain significant. In its 2024 Fraud Report, the platform revealed that more than 80 million fake profiles were removed in just six months. Automated systems blocked 94.6% of these accounts, either upon registration or through proactive restrictions.
Disclaimer
In accordance with the Trust Project guidelines, BeInCrypto is committed to providing unbiased and transparent reporting. This news article aims to provide accurate and current information. Readers are, however, advised to independently verify the facts and seek professional advice before making any decision based on this content. Please note that our Terms and Conditions, Privacy Policy and Disclaimer have been updated.
