GrassCall malware campaign drains crypto wallets via fake job interviews

A recent social engineering campaign targeted job seekers in the Web3 space with fake job interviews through a malicious "GrassCall" meeting app that installs information-stealing malware to steal cryptocurrency wallets. Hundreds of people have been impacted by the scam, with some reporting having their wallets drained in the attacks. A Telegram group has been created to discuss the attack and for those impacted to help each other remove the malware infections from Mac and Windows devices. The GrassCall social engineering attack The campaign was conducted by a Russian-speaking "traffer team" known as Crazy Evil. This group conducts social engineering attacks to trick users into downloading malicious software on their Windows and Mac devices. This cybercrime group is known for targeting users in the cryptocurrency space, where they promote fake games or job opportunities over social media. Users are tricked into installing software that deploys information-stealing malware on devi ... Read full article.