Hackers have now started to use the popular application LinkedIn to scam unsuspecting cryptocurrency users. With the hackers now migrating their tactics and illegal activities to LinkedIn, it adds to a list of sophisticated attacks across several platforms with the singular aim of stealing people’s digital assets.

According to Web3 security expert Taylor Monahan (Tayvano) on X, hackers are reportedly using specialized social media-based propaganda to distribute malware. After the malware does its job, the victims typically lose control of their devices, after which the criminals carry out their attacks.

Monahan gave a detailed explanation of how the attackers work and how users can be safe.

Web3 security analyst details go to avoid hackers 

According to Monahan’s post on X, the hackers begin their illegal operations by opening fake LinkedIn profiles that appear credible. The next step is to impersonate popular platforms, posing as recruiters. The hackers initiate conversations with their victims and try to keep the conversations going to build trust.

🚨 Heads up all—some dudes have a slick, new way of dropping some nasty malware.Feels infostealer-y on the surface but…its not.🫠It'll really, deeply rekt you.Pls share this w/ your friends, devs, and multisig signers. Everyone needs to be careful + stay skeptical. 🙏 pic.twitter.com/KRRWGL3GDo

— Tay 💖 (@tayvano_) December 28, 2024

After building trust with their victims, the hackers bamboozle them with mouth-watering employment opportunities. The tactic often achieves its purpose, especially among users seeking active employment. Monahan noted that it also works with those not seeking employment because everybody is looking for ways to increase their income stream.

To further prove to their victims that the job opportunities are indeed legal, they employ the aid of several tools. For instance, they use the Willo Video interviewing platform, one that is frequently used by most crypto firms when interviewing candidates for positions. Victims are also provided with job details and descriptions, which increases the depth of the deception.

The victims are required to record and send their responses on the platform. However, the hackers proceed without actually using the platform’s video features, citing different technical issues to keep the con going.

After this stage, the hackers begin their scam, sending their victims a link containing harmful instructions. Once they follow the instructions, their devices are compromised, helping the hackers gain access.

Monahan warns the crypto community about social engineering scheme 

According to Monahan, once a user clicks the link, they automatically cede control to the hackers irrespective of the device they use.

“If you follow their instructions, you are fcked. They vary depending on whether you are on Mac/Windows/Linux. But once you do it, Chrome will prompt you to update/restart to “fix the issue.” It’s not fixing the issue. It’s fully fcking you,” Monahan said.

It is still unclear the spread of the hack or how much they have recouped, but the incident is closely related to the ones that have occurred in the past. The popular one involved employees of the popular Japanese crypto firm Ginco. The wallet software firm lost about $305 million to hackers via the same social engineering attacks.

The breach was investigated by several bodies including the Federal Bureau of Investigations (FBI) and Japan’s National Police Agency.

While LinkedIn has taken several measures to remove fake accounts, the issue has remained. The platform claimed that about 80 million fake profiles were removed in 2024. Its automated system, which checks accounts at every step, blocked most of the accounts after creation.

Land a High-Paying Web3 Job in 90 Days: The Ultimate Roadmap