This attack method does not trick victims into opening malware-infected PDFs or running malicious video call software, but rather prompts victims to fix microphone and camera access issues.
Reportedly, crypto hackers have found a clever new way to trick victims into downloading 'malicious' malware that allows hackers to access victims' computers and drain their wallets or cause other significant damage.
According to blockchain detective Taylor Monahan (known as Tay on X), hackers first impersonate recruiters from well-known cryptocurrency companies, offering targets salaries between $200,000 and $350,000.
However, this method does not entice targets to open PDFs containing malware, nor does it make victims download video call software disguised as malware, but rather instructs victims to follow the instructions to fix microphone and video access issues.
"If you follow their instructions, you're done for."
How victims suffer from malware attacks
Malicious actors first present respondents with a series of lengthy interview questions before posing a final question that needs to be recorded via video.
However, victims will find that there are issues granting microphone and camera access and are told they are experiencing cache problems, before being presented with the 'solution' to resolve the issue, Monahan added:
"Once you do this, Chrome will prompt you to update/restart to 'fix the issue'. But this does not solve the problem. It's completely misleading you."
Monahan stated that the malware provides attackers with a 'backdoor' to access victims' devices, allowing them to potentially steal cryptocurrency funds.
"Ultimately, they will use every means to attack you," she added, noting that these malware attacks apply to Mac, Windows, and Linux operating systems.
Related: Scammers are using Telegram verification bots to inject malware that steals cryptocurrency.
Monahan stated that these fake recruiters suddenly contacted victims on the professional social networking site LinkedIn, posting various job listings, including business development manager positions and analyst and researcher roles at well-known cryptocurrency companies like Gemini and Kraken.
Hackers also contacted people through freelancing websites, Discord, and Telegram.
The questions posed in written interviews include what victims believe are the most important crypto trends for the industry in the next 12 months, and how business development representatives should expand crypto companies' partnerships in Southeast Asia or Latin America under a 'limited budget'.
Monahan advised those who have already come into contact with the malware to clear the data from their computers.
She added that everyone needs to be 'careful' and maintain 'suspicion'.