Thieves Gain Cryptocurrency by Exploiting Microphone Bugs
In a chilling development, the MetaMask developer, Taylor Monahan, has unveiled a new cybercrime scheme aimed at stealing assets from job seekers targeting cryptocurrency companies. This scheme, active on platforms like LinkedIn, Discord, Telegram, and freelance websites, employs social engineering and malicious software to infiltrate victims' devices.
The scam process typically begins with impersonation of trusted entities, such as recruiters, company officials, or crypto influencers. Scammers then build trust and urgency by creating fake communication channels, offering lucrative but unrealistic job offers, or claiming time-sensitive opportunities.
As the scheme progresses, victims are asked to perform repetitive tasks requiring cryptocurrency payments, like deposit fees or unlocking bonuses, which funnel funds into scam-operated crypto wallets. Some groups use sophisticated infrastructure, including domain registrations, bulk SMS services, and multiple operators managing recruitment, training, and fund transfers, making the operation highly organized and difficult to detect.
One of the latest iterations of this scam, as seen on the Willo platform, involves candidates being asked to record a video response. During the recording, a pop-up window requests access to the user's microphone and camera. Clicking on the "update" or "restart" option in the Chrome prompt is dangerous and could install the backdoor on the victim's device.
The pop-up window that appears during the video recording is a part of the scam, not a genuine issue requiring a fix. Scammers pose as recruiters from companies such as Kraken, MEXC, Gemini, and Meta, offering roles for technical specialists, traders, and analysts, with salaries ranging from $200,000 to $350,000.
The attack method used in the current scheme is similar to the one used in the DMM Bitcoin incident, targeting job seekers in the cryptocurrency industry. Previously, the attack on Japanese cryptocurrency exchange DMM Bitcoin resulted in $308 million in losses.
Potential consequences for victims include financial losses ranging from hundreds to hundreds of thousands of dollars, sometimes involving transfers totaling millions across multiple victims. Victims might only realize the scam after significant losses, with reports showing many do not become aware until after the damage is done.
In addition to financial losses, victims may suffer psychological damage due to prolonged exploitation and manipulation. Loss of sensitive personal and financial information, which can be used for further scams or identity theft, is another concerning aspect of these scams.
The importance of awareness and cautious verification of job offers on these platforms cannot be overstated. The anonymity and irreversibility of cryptocurrency transactions make recovery of funds extremely difficult, underscoring the need for vigilance in the face of these cyber threats.
- Despite the promise of lucrative job offers in the cryptocurrency industry, job seekers must be wary of suspicious communications, as scammers posing as recruiters from companies like Kraken, MEXC, Gemini, and Meta may employ social engineering and malicious software to steal assets, similar to the DMM Bitcoin incident that resulted in $308 million in losses.
- In light of the growing cybersecurity threats in the finance sector, particularly those targeting the cryptocurrency industry, it is essential to prioritize cybersecurity and technology measures to protect personal and financial data from cybercriminals, given the irreversibility and anonymity of cryptocurrency transactions, thereby minimizing potential financial losses and psychological impact.
