Hacking group Crazy Evil created a fake Web3 company dubbed "ChainSeeker.io" to trick crypto industry job seekers into downloading wallet-draining malware.

The group set up LinkedIn and X profiles advertising standard crypto industry jobs, like “Blockchain Analyst” or “Social Media Manager,” according to cybersecurity website Bleeping Computer. 

讲俄语的团体（被称为Crazy Evil）也在LinkedIn，Wellfound和CryptoJobslist等网站上发表了高级广告，以提高广告的可见性。然后，申请人将收到伪造公司的“首席人力资源官”的电子邮件，他们将邀请他们联系伪造的“首席营销官”（CMO）。然后，GrassCall将安装各种信息宣传恶意软件或远程访问Trojans（老鼠s），它将搜索加密钱包，密码，苹果钥匙链数据和存储在网络浏览器中的认证cookies。

在撰写本文时不再运行活动，并且大多数广告似乎已从社交媒体中删除，根据流失的计算机。在LinkedIn帖子的一篇文章中，几乎所有角度的合法。记录的未来发现了该集团在社交媒体上进行的十个单独的社会工程骗局，其中许多是针对在Defi行业工作的人。

the report pegs the group's lifetime revenue at over $5 million and believes it has been recruiting on Russian-language message boards since 2021. Outside of fake job ads, there are plenty of other targeted scams that crypto industry professionals need to be aware of.

Last year, a sophisticated social engineering scam saw hackers use fake Zoom links to install crypto-stealing malware, using similar tactics to Crazy Evil's latest phishing campaign.

And in January, research firm SentinelLabs showed how the North Korea-linked group BlueNoroff used email updates on DeFi trends and bitcoin prices to trick users into downloading malware disguised as PDF reports.