Rustdoor Malware - targets crypto job seekers, social engineering attacks

SamReomo

hero member

Activity: 784

Merit: 672

Top Crypto Casino

Quote from: Jating on September 19, 2024, 06:17:49 AM

And so it seems that LinkedIn or any other professional networking sites that connects employers and employees are being used by state sponsored criminals.

It's quite hard to be save in online world especially for job seekers and freelancers. LinkedIn is like a hub for job searching opportunities for job seekers and now those scammers are doing their social engineering skills to take money and credit card information from those job seekers who work hardly to complete their tasks.

We really need high level of awareness to be safe from those hackers because in online space no one is safe from those scammers. I remember the days when those scammers were manipulating poor freelancers by paying $1-$10 for PDF to text transcription. Now, they're doing these type of dirty things with the freelancers and job seekers.

CryptSafe

sr. member

Activity: 728

Merit: 421

Quote from: Lafu on September 23, 2024, 11:46:36 AM

Quote from: CryptSafe on September 23, 2024, 11:28:42 AM

I see no reasons why somebody would receive a link in their email and jump into it without any caution of its originality.

You would be surprised how many normal People doing that , when they get a mail with a link and they click on it.
I even got to the point where i tell people in real life not to click on everything they see and get , from my experiences here in the forum i got and see.

At first looking at the origin of a mail matters as to where it is coming from be it a known or unknown source, if it is an expectant mail, you still need to be cautious because sometimes there are fake and imitation because some one out there already informed of the fact that you or categories or sets of persons would receive mail from a certain destination so they would just create a fake imitation making you to believe they are the one and you fall for it and they get access to your details and use it against you. It takes extra carefulness and caution to be void of hack and scam. Most times people take things for granted till they have had a first experience about it then they realize they have been told and they learn it hard because of their ignorance.

Aanuoluwatofunmi

sr. member

Activity: 798

Merit: 436

Quote from: Jating on September 19, 2024, 06:17:49 AM

Just when we thought that the job seeking scams are taking the limelight, there is a new one that also recently pops up. So in this case, he is impersonating a supposedly recruiting firms or tech companies to lure their victims.

Or in any case, they will target employees of decentralized finance ("DeFi"), cryptocurrency, for social engineering campaigns. And now we all know what their modus is, as first reported that they will request to download apps or execute code for those job seekers, or for social engineer, they want the employees to execute code inside the company's internal network.

And once the malware is in the system already, going to be very hard to detect unless the attack had executed already.

https://www.jamf.com/blog/jamf-threat-labs-observes-targeted-attacks-amid-fbi-warnings/

And so it seems that LinkedIn or any other professional networking sites that connects employers and employees are being used by state sponsored criminals. And if you are one of those who are trying to find a job using this professional networking sites, just be careful and not allow anything to be downloaded to your laptop or pc as you don't know that inside of those packages and it could surely contains info stealing malwares.

Some will be out on the street seeking for employment opportunities and they will see some online adverts and desire to have a look and give a try on applying, but it's such a pity now that things aren't the same way it has always been, when we click on what they are posting, that alone will lead to how we are going to go under their threats, such a loophole is what they want from us, and they go on tgis through impersonation of social media accounts

Lafu

legendary

Activity: 3178

Merit: 3295

Quote from: Charles-Tim on September 19, 2024, 02:29:33 PM

Something similar was brought up on this forum recently. People were warned against this malware. North Korea Aggressively Targeting Crypto Industry with Well-Disguised Social En

I warning people and User here now since September 2019 and earlier about every type of Version of Malware and shady things and still people fall into the traps.
The problem is that most of the People and Users dont take there time for doing a research and trusting any kind of Webpage and Hosting platform they see.

Quote from: CryptSafe on September 23, 2024, 11:28:42 AM

I see no reasons why somebody would receive a link in their email and jump into it without any caution of its originality.

You would be surprised how many normal People doing that , when they get a mail with a link and they click on it.
I even got to the point where i tell people in real life not to click on everything they see and get , from my experiences here in the forum i got and see.

CryptSafe

sr. member

Activity: 728

Merit: 421

Quote from: Charles-Tim on September 19, 2024, 02:29:33 PM

Something similar was brought up on this forum recently. People were warned against this malware. North Korea Aggressively Targeting Crypto Industry with Well-Disguised Social En

I think this was common in United States and FBI warned people about it in the country. People should trust the file sender before they should download it on their device. They are downloading the file from an unknown person which is stupidity.

Many people would still fall for this even after telling them and making announcement, the lazy and greedy ones would still be victims of this attack. I see no reasons why somebody would receive a link in their email and jump into it without any caution of its originality. Come are in the form of ads and give aways from unknown source and they just quickly click on it forgetting that scammers and hackers might just be the originators of such to attack them. On several occasion, I have received links from funny website all being bitcoin claims and other mouth watery offers to tempting me to click on their link and already I know they are scammers and do not bother to d that because I know what they are up to.

Upgrade00

legendary

Activity: 2114

Merit: 2248

Playgram - The Telegram Casino

Quote from: Dave1 on September 20, 2024, 02:55:09 AM

Anyhow, it's really hard not to fall for this trick specially if you are hopeless situation and so you became reckless and who knows, maybe instead of getting a job, you are going to lose your crypto if you are trap by this scammers.

Cold storage protects you from this. You're always at risk if you store your crypto in a wallet you regularly visit the internet with. Getting a hardware wallet or using an airgapped device to store your crypto keeps them safe.

goldkingcoiner

legendary

Activity: 2254

Merit: 2003

A Bitcoiner chooses. A slave obeys.

scammers are getting more and more wild. But as long as you do not send anyone money, download anything, click on any suspicious links or deposit any money where they want you to, then you should be safe.

Even I am sure that some of my personal info is out there in the hands of scammers. But I will stay vigilant and trust my gut feeling if something is wrong or strange.

Dave1

hero member

Activity: 1414

Merit: 542

Quote from: Upgrade00 on September 19, 2024, 09:37:42 AM

This sort of scams are getting more sophisticated and tends to target those who are desperate to get a chance to use their skills to land a job.
I've had scammers reach out to me on telegram claiming to want to promote a project, they then send a shady meeting link which redirects to download some files.

I spotted it really easy and called them out, but this one was poorly done and such scams can be successful on some people. Everyone always needs to try to take a step back to look at things clearly when dealing with a situation.

Yes, this scams are getting sophisticated and they are now becoming a niche target - individuals who doesn't have a job right now and desperately looking because it's going to be Christmas in the next 3 months or so and they needed that money.

There are redflags as per article, like the HR or the account itself doesn't have any followers or following so it means that the account is just recent.

Anyhow, it's really hard not to fall for this trick specially if you are hopeless situation and so you became reckless and who knows, maybe instead of getting a job, you are going to lose your crypto if you are trap by this scammers.

acroman08

legendary

Activity: 2520

Merit: 1113

Quote from: Jating on September 19, 2024, 06:17:49 AM

just be careful and not allow anything to be downloaded to your laptop or pc as you don't know that inside of those packages and it could surely contains info stealing malwares.

sadly there will be people who are either desperate for a job or careless that they'll fall for this malware scam

in this time and age where scams are evolving and becoming sneakier, cyber security should really be more awareness about or better yet make it a part of the school curriculum(maybe starting in junior or senior high) so younger generations can become prepared and aware for these scams.

Davidvictorson

hero member

Activity: 1120

Merit: 887

Livecasino.io

Right now, I am more than convinced that there are more of these types of malware scanning through users profile on LinkedIn and other social media platforms than we think we know. The ones we know are only the ones that are being exposed. Their targets are already easy to find, folks with keywords like crypto, Bitcoin, Defi and others that are closely related. I think you don't even need to be actively in search for a job. They'll just send a cold message and those who are enticed fall for it and become their victims.

Charles-Tim

legendary

Activity: 1512

Merit: 4795

Leading Crypto Sports Betting & Casino Platform

Something similar was brought up on this forum recently. People were warned against this malware. North Korea Aggressively Targeting Crypto Industry with Well-Disguised Social En

I think this was common in United States and FBI warned people about it in the country. People should trust the file sender before they should download it on their device. They are downloading the file from an unknown person which is stupidity.

Porfirii

legendary

Activity: 1932

Merit: 2354

The Alliance Of Bitcointalk Translators - ENG>SPA

I always think it twice, but the next time I'm asked to install any program in my computer or app in my smartphone to write a review about it, I will take even more caution, even if I only participare in campaigns here so I trust on the knowledge of other users much more tech savvy than me.

Scams come in different degrees, depending on the target among other factors, and I think that taking advantage of people who are looking for job because they need to earn money is worse than other types, like when they convince people to take advantage of shady tricks and appeal to they greed and bad faith.

Callido

jr. member

Activity: 36

Merit: 23

Close observation is required in this case, for those who might not yet be aware that some of these telegram tap to tap games might also be one way to pass around this malware and steal crypto from users, while being desperate to earn, we should as well be conscious enough and detect when it's heading the wrong way.

While we may be neglecting advancement and feeling less bothered about privacy and security, there are those who are advancing their modes of scamming and if we do not flow along we might become a victim from one of these without even knowing.

A few ways to prevent these malwares;

Do not click on pop ups or download any file that shows from a pop notification
Install Anti virus
Be sensitive when accepting offers that requires some codes and detailed information's

ImThour

copper member

Activity: 1498

Merit: 1619

Bitcoin Bottom was at $15.4k

I remember there was a scam once with the Influencers. Scammers were targeting Social Media Influencers and used to send them malicious files in form of PDF or Word files which later executed certain scripts on their computer. I am no influencer however I never download any PDF/Word file I receive in my mails. Always open them first on my phone which is safe to do this task. You should try this as well and stay safe!

CryptSafe

sr. member

Activity: 728

Merit: 421

Quote from: BIT-BENDER on September 19, 2024, 10:47:00 AM

This is the new strategy scammers are planning to take right now and everyone needs to be aware of all their gimmicks. The world population of unemployed individuals is growing high and even those who are employed find it hard to get by.

Scammers are preying on the fact that people are in search for jobs and using it against them, we need to be aware of this .
I want to draw the attention of people especially on telegram and discord. There are people spamming groups with jobs offers for devs, moderators, analysis, game testers and so on. After you must apply they would send you a document where you got give them private details and information especially your location. Afterwards they send you a link to check their website, if you aren't lucky that might just be a malware and it can get you.

I think this aspect is basically targeted at the Crypto community. From the replies I have read here, the Scammers send messages inviting them for meetings and interview while some are to fill forms which they would have to download which they could execute their act through the link if they click on it to connect and there is no way you can stop it once you click to connect with them and automatically they get access to your details by sending malwares which automatically downloads into your device.
They do not waste their time with anybody who is not really into crypto if they access your profile via your social media handles and if they do, maybe they just want to steal credit card details or find something in your device which they could use to blackmail you to get something from you. Sometimes they just act foolishly by sending mails to random accounts with phishing link and some threats to falls claims.

BIT-BENDER

hero member

Activity: 1666

Merit: 709

Playbet.io - Crypto Casino and Sportsbook

This is the new strategy scammers are planning to take right now and everyone needs to be aware of all their gimmicks. The world population of unemployed individuals is growing high and even those who are employed find it hard to get by.

Scammers are preying on the fact that people are in search for jobs and using it against them, we need to be aware of this .
I want to draw the attention of people especially on telegram and discord. There are people spamming groups with jobs offers for devs, moderators, analysis, game testers and so on. After you must apply they would send you a document where you got give them private details and information especially your location. Afterwards they send you a link to check their website, if you aren't lucky that might just be a malware and it can get you.

Upgrade00

legendary

Activity: 2114

Merit: 2248

Playgram - The Telegram Casino

This sort of scams are getting more sophisticated and tends to target those who are desperate to get a chance to use their skills to land a job.
I've had scammers reach out to me on telegram claiming to want to promote a project, they then send a shady meeting link which redirects to download some files.

I spotted it really easy and called them out, but this one was poorly done and such scams can be successful on some people. Everyone always needs to try to take a step back to look at things clearly when dealing with a situation.

cryptomaniac_xxx

hero member

Activity: 1344

Merit: 540

Quote from: Ambatman on September 19, 2024, 08:04:54 AM

They are bringing better and more effective ways to scam individuals of their funds and data.
Job scams has been ongoing for quite a long time and this is the first I'm seeing something this sophisticated.

I don't think that we have seen this kind of scams before, but I do agree, they are getting sophisticated specially like in this specific case as this is back up by the North Koreans. And if you have been following their hacking groups, they are evolving every year. Not that they are just attacking CEX, now they target individuals as well for social engineering attacks.

Quote from: Ambatman on September 19, 2024, 08:04:54 AM

Many would likely fall for this especially if the pays and condition is nice
They wouldnt consider if they have anything to loss.
In summary Don't download everything you see online or you been sent and not all sites are save.

Yeah, but as we have a saying here, "if it's too good to be true, then probably is". Meaning you need to have second doubts if the offer in very high for a certain job. And do not download everything even if they say so as that is already another red flag.

Ambatman

sr. member

Activity: 420

Merit: 315

Top Crypto Casino

They are bringing better and more effective ways to scam individuals of their funds and data.
Job scams has been ongoing for quite a long time and this is the first I'm seeing something this sophisticated.
Many would likely fall for this especially if the pays and condition is nice
They wouldnt consider if they have anything to loss.
In summary Don't download everything you see online or you been sent and not all sites are save.

What would it be if such is implemented into airdrops that are been made in the ton Blockchain (currently the hot topic in shitcoins ).
Imagine the number of people that would be affected or if already happened, has already been affected.

Jating

hero member

Activity: 2842

Merit: 772

Just when we thought that the job seeking scams are taking the limelight, there is a new one that also recently pops up. So in this case, he is impersonating a supposedly recruiting firms or tech companies to lure their victims.

Or in any case, they will target employees of decentralized finance ("DeFi"), cryptocurrency, for social engineering campaigns. And now we all know what their modus is, as first reported that they will request to download apps or execute code for those job seekers, or for social engineer, they want the employees to execute code inside the company's internal network.

And once the malware is in the system already, going to be very hard to detect unless the attack had executed already.

https://www.jamf.com/blog/jamf-threat-labs-observes-targeted-attacks-amid-fbi-warnings/

And so it seems that LinkedIn or any other professional networking sites that connects employers and employees are being used by state sponsored criminals. And if you are one of those who are trying to find a job using this professional networking sites, just be careful and not allow anything to be downloaded to your laptop or pc as you don't know that inside of those packages and it could surely contains info stealing malwares.

Topic: Rustdoor Malware - targets crypto job seekers, social engineering attacks (Read 174 times)