News 
December 30, 2024 
3 min. 
Hackers targeting the crypto industry have adopted a sophisticated new method to infect victims’ devices with malware. Rather than using traditional approaches like infected PDFs or malicious video call software, these attackers now pose as recruiters offering high-paying jobs to lure their targets into following harmful instructions.
How the Crypto Job Attack Works
According to blockchain investigator Taylor Monahan, the scheme begins with a fake recruiter contacting victims on platforms like LinkedIn, Discord, or Telegram. These hackers pose as representatives of well-known crypto firms, such as Gemini or Kraken, offering roles with salaries ranging from $200,000 to $350,000.
After engaging the target with detailed interview questions, the hackers claim the final step involves recording a video response. At this point, victims encounter a “microphone and camera access issue.” The attackers then guide them through a supposed fix, instructing them to clear browser caches and restart Chrome.
However, instead of resolving the problem, the process installs malware that gives hackers backdoor access to the victim’s computer. This allows them to steal crypto wallets or cause other significant harm. “Once you do it, Chrome will prompt you to update/restart to ‘fix the issue.’ It’s not fixing the issue. It’s fully compromising you,” Monahan explained.
Widespread Threats and Precautions
Monahan warned that the malware is effective across multiple operating systems, including Mac, Windows, and Linux. Victims are often targeted with job offers for roles such as business development managers or analysts, with interview questions designed to seem credible. These questions range from discussing crypto trends to strategies for expanding partnerships in emerging markets.
The attackers also reach out on freelancer websites, making the threat more pervasive. Monahan advises anyone exposed to the malware to wipe their computers immediately to minimize damage.
This attack highlights the growing sophistication of crypto-related scams. Professionals in the industry should remain vigilant, especially when approached with unsolicited job offers or unusual technical requests.
