The rise in cyberattacks continues to challenge the Cryptocurrency industry, with hackers constantly perfecting their tricks. A new wave of scams targeting Cryptocurrency professionals via LinkedIn has been exposed, demonstrating the increasing sophistication of these harmful schemes.
On December 28, Taylor Monahan, a Web3 security expert, exposed a social media scam designed to distribute wallet-draining malware. These cybercriminals impersonate recruiters from reputable companies, using professional platforms and tools to build trust and lure victims.
How LinkedIn Cryptocurrency Scams Work
Attackers start by creating fake LinkedIn profiles that look very trustworthy. They then launch informal conversations, claim to represent famous companies, and propose attractive job opportunities. This tactic is often successful in attracting people who are not actively looking for work.
To enhance their deception, scammers use legitimate tools such as the Willo video interview platform, commonly used by reputable Cryptocurrency companies. Victims receive a detailed job description and interview questions, which adds an air of professionalism. Then, they were instructed to record a video response. However, this platform intentionally blocked cameras and microphones, citing technical errors.
At this stage, the scam escalates. Victims are directed to a “How to Fix” link containing harmful instructions. Following these steps leaves their device compromised. Once done, the victim unknowingly allows the attacker to take control, potentially draining their Cryptocurrency wallet.
“If you follow their instructions, you will get into trouble. They are different depending on whether you use Mac/Windows/Linux. But once you do, Chrome will prompt you to update/restart to ‘fix the error.’ It is not a bug fix. It absolutely screws you up,” Monahan declare.
The total amount of money stolen from Cryptocurrency users due to these scams was unknown at press time. However, the scheme is similar to previous attacks, including a high-profile attack targeting employees of Ginco, a Japanese Cryptocurrency wallet software company. Hackers reportedly stole $305 million in Bitcoin from DMM Bitcoin exchange using these social engineering techniques.
The intrusion was investigated by the FBI, the Japanese National Police Agency and the U.S. Department of Defense Cyber Crime Center, highlighting the growing threat on platforms like LinkedIn.
Although LinkedIn has taken significant measures to combat fake accounts, the challenge remains enormous. In report fraud in 2024, the platform revealed that more than 80 million fake profiles had been removed in just six months. The automated system blocked 94.6% of these accounts, either during the registration process or through proactive restrictions.
