A new phishing scam, disguised as a LinkedIn job offer, is rapidly targeting blockchain engineers. The scam was unmasked by SlowMist, a blockchain security and threat intelligence company. The latest case was flagged by Bruno Skvorc on his official X account. This case highlights the threats that can hide behind seemingly legitimate recruitment messages.
The attackers posed as blockchain-based gaming projects, namely SociFi games and staking platforms. They lured victims with offers of high-paying employment. The recruitment process seemed professional but turned sinister when the scammers provided malicious code in a Bitbucket repository.
SlowMist identifies malware in the phishing scam
SlowMist researchers carefully investigated the code provided and found encoded malware in it. This malware was built to steal sensitive and important user data. Once an unsuspecting developer ran the code, it connected to a malicious command-and-control (C2) server. It contains several hidden scripts intended to steal sensitive system details and SSH keys.
These scripts are designed to extract credentials stored in the macOS Keychain and extension data from the browser. Notably, the malware is designed to bypass security monitoring tools such as Little Snitch. In this way, the attackers made off with sensitive data and valuable crypto assets while remaining undetected.
SlowMist provides guidelines to keep you safe from recruitment scams
SlowMist offers important advice to both individuals and businesses to reduce the threat. The firm gives practical guidance on downloading external code and staying cautious when pursuing job offers.
Users should verify the recruiter through official channels. They should avoid running scripts without investigating them and should examine any shared repository before proceeding. Meanwhile, companies should run phishing simulations and monitor their code repositories.
In addition, businesses need to deploy advanced security solutions to curb credential theft and financial losses. With the LinkedIn phishing scheme growing rapidly, SlowMist advises users to stay vigilant to protect sensitive data from cybercriminals. The firm recommended that the community use advanced security tools to protect sensitive data from hackers.
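One way to act on the advice to examine a shared repository before running anything from it, as an added example that is not from SlowMist or the original article: a read-only Python scan for the traits described above (encoded blobs, SSH key and Keychain access, browser extension data). The rule patterns, function names and sample files are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Heuristic rules: assumptions for this example, chosen from the behaviours the
# article describes. They are not SlowMist's published indicators.
RULES = {
    "long-encoded-blob": re.compile(r"[A-Za-z0-9+/]{200,}={0,2}"),
    "decode-then-execute": re.compile(r"\b(eval|exec)\s*\(\s*[\w.]*(atob|b64decode)", re.I),
    "ssh-key-access": re.compile(r"\.ssh/|id_rsa|id_ed25519"),
    "macos-keychain-access": re.compile(r"login\.keychain|find-generic-password", re.I),
    "browser-extension-data": re.compile(r"Local Extension Settings", re.I),
}


def scan_repo(root):
    """Read (never execute) files under root; return (path, line, rule) findings."""
    root = Path(root)
    findings = []
    for path in sorted(root.rglob("*")):
        rel = path.relative_to(root)
        # Skip git metadata and symlinked files, which could point outside the checkout.
        if ".git" in rel.parts or path.is_symlink() or not path.is_file():
            continue
        text = path.read_text(encoding="utf-8", errors="replace")
        for lineno, line in enumerate(text.splitlines(), 1):
            for rule, pattern in RULES.items():
                if pattern.search(line):
                    findings.append((rel.as_posix(), lineno, rule))
    return findings


def build_sample_repo(root):
    """Constructed sample input: inert files that only resemble the described traits."""
    root = Path(root)
    (root / "src").mkdir(parents=True)
    (root / "README.md").write_text("# Staking game demo\nSee src/ for the task.\n")
    (root / "src" / "config.js").write_text(
        'const blob = "' + "A" * 240 + '";\neval(atob(blob));\n')
    (root / "setup.sh").write_text('#!/bin/sh\nKEYS="$HOME/.ssh/id_ed25519"\n')


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_repo(tmp)
        for finding in scan_repo(tmp):
            print(*finding, sep=":")
```

Findings are leads for manual review in an isolated environment; an empty result does not show that a repository is safe to run.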