- Scammers use fake job listings to trick victims into downloading GrassCall, an app that steals crypto wallet information.
- The group runs the scam, using fake websites and LinkedIn profiles to make the offers seem legitimate.
- To protect yourself, verify job offers, avoid untrusted apps, use hardware wallets for crypto, and monitor your wallets for suspicious activity.
The cryptocurrency world is still a haven for scams, with scammers always looking for new methods to deceive unsuspecting victims.
The newest scam is in the form of fake job postings, luring potential applicants into downloading a malicious app named “GrassCall,” which is being used to steal sensitive information, including cryptocurrency wallets.
GrassCall Crypto Scam
The scam, orchestrated by a Russia-based cyber gang, is a classic example of social engineering. The scammers create fake job ads, primarily targeting the crypto space, to lure victims.
Applicants are contacted via email and instructed to download GrassCall, which appears to be a legitimate meeting app. Once installed, the app silently deploys malware that searches for crypto wallets and drains funds.
One high-profile scam involved a fake company called “Chain Seeker,” which mimicked a real crypto business. The company posted job listings on LinkedIn and Web3 job platforms like CryptoJobsList and WellFound. One such listing offered a business development manager position with a salary of $150,000.
Victims were then asked to contact a “marketing chief” on Telegram and were instructed to download the GrassCall app from a scam-controlled website. Once the app was downloaded, the malware activated and targeted the victim’s crypto wallets.
Cristian Ghita, a Chain Seeker applicant, shared on LinkedIn, “This scam was extremely well-thought-out. They had a website, LinkedIn and X profiles, and staff members listed. It looked legitimate from almost every angle.” Unfortunately, many applicants experienced financial losses.
The hackers behind this attack specialize in the crypto space and are linked to over ten active scams, primarily focusing on spear-phishing tactics aimed at crypto enthusiasts.
Crypto Scam, Security measures
- Verify Job Offers: Always verify the authenticity of job advertisements, especially if they promise high compensation.
- Avoid Untrusted Apps: Never download apps or software from unfamiliar websites, especially if they involve financial transactions.
- Confirm Company History: Investigate thoroughly the company offering the job and make sure it is a solid company with a legitimate online presence.
- Use Hardware Wallets: If you have cryptocurrency on hold, use the utilization of hardware wallets to heighten security.
- Never Share Private Keys: Never share your private keys or sensitive information with anyone, even if they claim to be from a legitimate organization.
- Regularly Monitor Wallets: Keep your crypto wallets and transaction history under close watch. Utilize multi-factor authentication where possible.
For those who are suspecting they have been victimized by the GrassCall scam, it is recommended to use a clean machine to reset passwords, send funds to a new wallet, and report to the concerned authorities. This step can help minimize losses and protect your crypto in the face of such rising threats.
