Latest news with #GrassCall
Shafaq News
06-03-2025
- Shafaq News
'Grass Call' cyber threat targets job seekers
Shafaq News/ The Cybersecurity Center has identified a new cyber threat, dubbed 'Grass Call,' targeting job seekers through online recruitment platforms, Iraq's Ministry of Interior announced on Thursday. In a statement, the ministry revealed that the attack exploits users on job search sites such as LinkedIn and Indeed. Hackers lure victims with fake job offers and conduct fraudulent online interviews, instructing them to install malicious software under the pretense of an interview requirement. Once installed, the malware operates undetected, extracting sensitive data and transmitting it to a remote server.
Yahoo
28-02-2025
- Business
- Yahoo
Hackers Use Fake Web3 Job Interviews To Steal Cryptocurrency From Job Seekers
Hackers posing as a legitimate Web3 company have targeted job seekers in the crypto industry, stealing cryptocurrency through a fake job interview scam. The group, known as 'Crazy Evil,' set up a fake company called and advertised jobs like 'Blockchain Analyst' and 'Social Media Manager' on LinkedIn, WellFound, and CryptoJobsList. They used premium advertisements to increase the visibility of their job offers and contacted applicants via email, directing them to a 'chief marketing officer' (CMO) on Telegram. The CMO asked job seekers to download a virtual meeting tool called GrassCall, which was actually a tool for installing malware on their systems. Once installed, the malware accessed sensitive information, including crypto wallets, passwords, and authentication data stored in web browsers. This malware was designed to drain funds from crypto wallets, and many victims lost their entire holdings. A Telegram support group has been created by affected users, where they share advice on how to remove the malware from Windows and Mac devices. This attack is not the first of its kind. Earlier reports by Recorded Future revealed that Crazy Evil had executed similar scams targeting DeFi professionals. Their tactics include exploiting social engineering to trick individuals into downloading harmful software. The group has also used Zoom links in previous campaigns to spread malware. The GrassCall scam serves as a reminder of the ongoing risks in the cryptocurrency industry, where cybercriminals are increasingly targeting professionals with valuable assets. In addition to this attack, other hacker groups, including the North Korean BlueNoroff, have been linked to scams targeting the crypto industry. BlueNoroff, part of the Lazarus Group, has used phishing emails and fake documents to steal funds from crypto firms. Their most recent campaign, 'Hidden Risk,' disguised malware as legitimate documents and targeted crypto firms with similar tactics to the Crazy Evil group's approach. As the use of digital assets grows, cybercriminals are adapting by exploiting emerging job markets and targeting crypto professionals. Experts recommend caution when engaging with unfamiliar hiring processes, especially when asked to download unknown applications. If a job offer requires installing software that seems suspicious, it should be treated as a potential red flag. Cybersecurity experts also advise job seekers in the Web3 and crypto sectors to remain vigilant and aware of these types of scams.
