A Russian-speaking hacking group, Crazy Evil, created a fake Web3 company, “ChainSeeker.io,” to trick job seekers into downloading malware designed to drain their crypto wallets, cybersecurity site Bleeping Computer reports.
The group posted job ads for roles like “Blockchain Analyst” and “Social Media Manager” on LinkedIn, WellFound, and CryptoJobsList, boosting visibility through premium ads. Victims were contacted via email by a fake HR officer and directed to Telegram, where a fraudulent CMO convinced them to install a virtual meeting app, GrassCall. The app deployed malware that stole crypto wallets, passwords, and authentication data.
Although the scam has been shut down, some victims have formed a Telegram support group. Crazy Evil has reportedly earned over $5 million from similar schemes since 2021, primarily targeting DeFi professionals through social engineering attacks.
Credit: Decrypt (Text Excluding Headline)
