news 
Hackers Defraud Jobseekers with Fake Web3 Firm
A Russian-speaking hacking group has been defrauding job seekers by creating a fake web3 firm and posting fraudulent job adverts on popular platforms like CryptoJobsList, LinkedIn, and WellFound. The hackers are using the fake firm, ChainSeeker.io, to drain the wallets of unsuspecting individuals.
The group is searching for qualified entities to join the company in various positions such as social media manager, blockchain developer, NFT artist, and advisor. The job adverts appear authentic due to their placement on reputable platforms.
According to cybersecurity reports, the fake firm has an elaborate online persona consisting of a website and social media profiles. Applicants are directed to contact the marketing officer on Telegram for further guidance and a possible interview. This is where the hackers strike, requesting that applicants install GrassCall, a virtual meeting app, which then infects the applicant’s computer with malware.
The malware scans the victim’s device for sensitive information such as passwords, crypto wallet data, web browser history, and cookies. The collected information is uploaded to the group’s servers and analyzed for wallet information.
Applicants have reported that the job listings “looked legit from almost all angles,” including the malicious video conferencing tool. This highlights the importance of staying vigilant in today’s digital age.
The hack demonstrates the lengths that malicious actors are willing to go to steal funds, adding to other threat actor tricks like using fake Zoom links and NFT games to defraud unsuspecting victims.
In conclusion, it is essential for job seekers in the DeFi and web3 industries to be aware of these social engineering tactics and stay informed about potential threats.
