Fake Job Scams on LinkedIn: Hackers Stealing Data via Video Call App

Global Cyber Alert: A new online scam is targeting job seekers through fake LinkedIn job listings and a malicious video call app called GrassCall. Cybercriminals, reportedly from a Russian-speaking group named "Crazy Evil", are scamming professionals in the Web3 and cryptocurrency space by luring them into fake interviews.

According to BleepingComputer, the scammers post fraudulent job listings on platforms like LinkedIn, WellFound, and CryptoJobsList under a fake company called "ChainSeeker.io". After candidates apply, they receive an email directing them to a Telegram conversation with a so-called Chief Marketing Officer (CMO). The CMO then instructs them to download GrassCall, which secretly installs malware to steal bank details, passwords, cryptocurrency wallets, and authentication data.

How the Malware Works:

• Windows Devices: Installs a Remote Access Trojan (RAT) and Rhadamanthys info-stealer.

• Mac Devices: Installs Atomic Stealer (AMOS), designed to steal financial data.

Many job seekers have already fallen victim, losing money and sensitive information. Following the exposure of the scam, platforms like CryptoJobsList removed the fake job postings, and the GrassCall website was taken down. Cybersecurity experts warn that similar scams may continue to emerge as cybercriminals exploit the growing interest in Web3 and cryptocurrency jobs.

How to Stay Safe:

• Verify job listings before applying.

• Avoid downloading unknown apps for interviews.

• Be cautious of Telegram job communications.

• Use security tools to detect malware.