A recent scam has targeted job seekers in the Web3 space, using fake job interviews through a harmful meeting app called “GrassCall.” This social engineering scheme, carried out by a Russian-speaking group known as Crazy Evil, has affected hundreds of individuals, with reports of cryptocurrency wallets being drained. Victims were tricked into downloading malware disguised as video meeting software, which could steal sensitive information and passwords. A dedicated Telegram group has been formed for those impacted to share experiences and seek help. Although the scammers seem to have stopped this campaign due to increased attention, anyone who downloaded the app should change their passwords and monitor their accounts for suspicious activity.
In a shocking new scam, job seekers in the Web3 industry are being targeted by hackers through a fake meeting app called “GrassCall.” This malicious campaign involves tricking people with fake job interviews and installing malware designed to steal cryptocurrency wallets.
Hundreds of victims have reported losing funds from their wallets after falling for this social engineering attack. Many are turning to a created Telegram group for support and to discuss ways to remove the malware from their devices.
The GrassCall Scam Uncovered
This attack is the work of a cybercrime group known as Crazy Evil, which operates in Russian and often targets cryptocurrency users. They have been promoting fake job opportunities and games on social media to lure in victims.
Once potential victims express interest in a job, they receive an email inviting them for an interview with a supposed Chief Marketing Officer. This CMO instructs them to download GrassCall for a video meeting, leading to the installation of malware that steals sensitive information from their computers.
Cybersecurity researcher g0njxa points out that GrassCall is part of a more extensive scheme that also included a previous clone app called “Gatherum.” The hackers cleverly use social media and other platforms to build a fake company image, making the job offers seem genuine.
Source: Choy
Victims who download the GrassCall software can unknowingly install dangerous malware that steals passwords, browser cookies, and cryptocurrency wallet information from their devices. This malware is designed to create access points for hackers, allowing them to drain wallets and access sensitive information.
The consequences have been severe for those affected. CryptoJobsList has removed the fraudulent job postings and warned applicants about the scam, urging them to check for malware on their devices. Although the campaign seems to have paused due to the negative attention it received, the threat still looms for those who may have already fallen victim.
If you have downloaded GrassCall or a similar app, it is crucial to change the passwords and security tokens for all your accounts and wallets to protect yourself from further unauthorized access.
What is the GrassCall malware campaign?
GrassCall is a harmful software program that tricks people into thinking they are having real job interviews. Instead, it steals sensitive information, especially from cryptocurrency wallets. Victims may lose their money without realizing it until it’s too late.
How does GrassCall steal information?
GrassCall usually operates by posing as a fake employer during online interviews. It may ask for personal details, passwords, or even remote access to your computer. Once it gains access, it can drain your crypto wallet and other financial accounts.
What should I do if I think I am a victim of GrassCall?
If you suspect you have fallen for GrassCall, act quickly. Change your passwords for all your accounts, especially your crypto wallets. Contact your bank or financial service provider for help, and consider monitoring your accounts for any unusual activity.
How can I avoid GrassCall and similar scams?
To avoid GrassCall, always be cautious with job offers, especially those that sound too good to be true. Research companies before applying, don’t share personal information during interviews, and avoid downloading apps or files from unknown sources.
Where can I report GrassCall or similar scams?
If you encounter GrassCall or any related scams, report it to local authorities and relevant online platforms. You can also inform cybersecurity organizations that monitor such threats, helping to warn others and prevent further attacks.