SlowMist Uncovers Sneaky LinkedIn Phishing Scam Draining Crypto Wallets

A new phishing scam, disguised as a LinkedIn job offer, is rapidly targeting blockchain engineers. This phishing scam is unmasked by SlowMist, a firm for blockchain security and threat intelligence. The latest case is witnessed by Bruno Skvorc from his official X account. This case underscores the threat lying behind a legitimate recruitment message.

The attackers disguised themselves in the form of blockchain-based gaming, that is, the Socifi game, and staking platform. They have lured victims, offering them high-paying job opportunities. The recruiting process seemed professional, turning sinister after the scammer provided a malicious code, a Bitbucket repository.

SlowMist Recognizes Malware in Phishing Scam

The SlowMist researchers have closely examined the code and searched encoded malware in the provided server. This malware was constructed in a way to rob sensitive and important user data. After running the unsuspecting developer’s code, it appeared to connect with malicious command-and-control (C2) servers. It contains some hidden scripts, aiming to steal sensitive details from the system and SSH keys.

These scripts are also designed in the way to extract the stored credentials in macOS keychains extension data from the browser. Interestingly, the malware was designed to bypass security observing tools such as Little Snitch. Through this, the attackers remained undetected while robbing sensitive and valuable crypto assets.

SlowMist to Provide Guidelines to Stay Secure from Recruitment Scams

SlowMist provides significant advice to both individuals and enterprises for lowering the threats. The platform gives a useful piece of advice to stay cautious while getting job offers, having downloaded external code.

With the help of official channels, the users should verify the recruiters. They should further examine shared repositories before going ahead, staying away from executing scripts without investigation. On the other hand, companies must execute phishing simulations while observing code repositories.

The firms should also leverage advanced security solutions, restraining credential theft and financial losses. With the continuous LinkedIn phishing schemes growing rapidly, SlowMist advises users to stay vigilant to protect their sensitive data from cybercriminals. The platform recommended the community protect their sensitive data from hackers leveraging advanced safety tools.