cryptopolitan.com
🚨 تنبيه للجميع - يمتلك بعض الرجال طريقة جديدة ورائعة لإسقاط بعض البرامج الضارة السيئة.
— تاي 💖 (@tayvano_) 28 ديسمبر 2024
يبدو وكأنه سرقة معلومات على السطح ولكن ... ليس كذلك.🫠
سوف ينتقدك بشدة حقًا.
يرجى مشاركة هذا مع أصدقائك، والمطورين، والموقّعين المتعددين. على الجميع توخي الحذر + البقاء متشككا. 🙏 pic.twitter.com/KRRWGL3GDo
After building trust with their victims, the hackers bamboozle them with mouth-watering employment opportunities. The tactic often achieves its purpose, especially among users seeking active employment. Monahan noted that it also works with those not seeking employment because everybody is looking for ways to increase their income stream.
To further prove to their victims that the job opportunities are indeed legal, they employ the aid of several tools. For instance, they use the Willo Video interviewing platform, one that is frequently used by most crypto firms when interviewing candidates for positions. Victims are also provided with job details and descriptions, which increases the depth of the deception.
The victims are required to record and send their responses on the platform. However, the hackers proceed without actually using the platform’s video features, citing different technical issues to keep the con going.
After this stage, the hackers begin their scam, sending their victims a link containing harmful instructions. Once they follow the instructions, their devices are compromised, helping the hackers gain access.
Monahan warns the crypto community about social engineering scheme
According to Monahan, once a user clicks the link, they automatically cede control to the hackers irrespective of the device they use.
“If you follow their instructions, you are fcked. They vary depending on whether you are on Mac/Windows/Linux. But once you do it, Chrome will prompt you to update/restart to “fix the issue.” It’s not fixing the issue. It’s fully fcking you,” Monahan said.
It is still unclear the spread of the hack or how much they have recouped, but the incident is closely related to the ones that have occurred in the past. The popular one involved employees of the popular Japanese crypto firm Ginco. The wallet software firm lost about $305 million to hackers via the same social engineering attacks.
The breach was investigated by several bodies including the Federal Bureau of Investigations (FBI) and Japan’s National Police Agency.
While LinkedIn has taken several measures to remove fake accounts, the issue has remained. The platform claimed that about 80 million fake profiles were removed in 2024. Its automated system, which checks accounts at every step, blocked most of the accounts after creation.
Land a High-Paying Web3 Job in 90 Days: The Ultimate Roadmap