Cybercriminals Gain Access to Virtual Currencies via "Microphone Spying" Techniques
===================================================================
A new cybercrime scheme, revealed by MetaMask developer Taylor Monahan, has been targeting job seekers interested in roles within the cryptocurrency industry. The scheme, which has been active on platforms like LinkedIn, Discord, Telegram, and freelance websites, aims to steal assets from victims by infiltrating their devices through malicious browser extensions, fake wallet applications, phishing sites posing as legitimate crypto services, and malware distributed via cracked or pirated software downloads.
The attackers often use hundreds of fake extensions for browsers like Firefox and Chrome that steal credentials once installed. Scam websites claiming to offer wallet repair tools or crypto-related jobs trick users into submitting sensitive data. Phishing and social engineering via bulk messages or personalized communication are also used to gain trust and recruit victims for fraudulent “jobs,” with the attackers maintaining continuous contact to build relationships and manipulate targets.
The DMM Bitcoin attack, which resulted in $308 million in losses, was one example of the damage this scheme can cause. The attack was orchestrated by North Korean state-backed hackers known as TraderTraitor. In the DMM Bitcoin case, the attack started with a fake recruiter on LinkedIn offering roles for technical specialists, traders, and analysts with salaries ranging from $200,000 to $350,000.
To avoid falling victim to such malware and scams, the following precautions are recommended:
- Do not install browser extensions or wallet software from unverified sources.
- Do not download cracked or pirated software.
- Be wary of job offers or task scams communicated via unsolicited bulk SMS, social media, or messaging apps.
- Never share wallet credentials or private keys, and never install remote-access software in response to an unsolicited request.
- Inspect URLs carefully to detect spoofed or scam websites.
- Confirm offers or requests via an independent contact channel to avoid falling for social engineering.
- Use tools like the FTC Scam Tracker or local scam-reporting platforms to check recent scams and reports.
- Pause before reacting to urgent or high-pressure requests, as urgency is a common red flag in scams.
The scheme targets macOS, Windows, and Linux operating systems. During the final stage, candidates are asked to record a video response. A pop-up window requests access to the user's microphone and camera during the recording.
In conclusion, vigilance about software sources, cautious communication, and verification of all crypto-related job offers and downloads can significantly reduce the risk of infiltration by this malware targeting cryptocurrency job seekers.