A New Phishing Scam Targeting Blockchain Engineers
A new phishing scam, disguised as a LinkedIn job offer, is rapidly targeting blockchain engineers. This phishing scam was uncovered by SlowMist, a firm specializing in blockchain security and threat intelligence. Bruno Skvorc recently highlighted the threat on his official X account, exemplifying the danger posed by seemingly legitimate recruitment messages.
The attackers masqueraded as blockchain-based gaming companies, specifically the Socifi game and staking platform, enticing victims with high-paying job opportunities. The recruitment process appeared professional until the scammer provided malicious code from a Bitbucket repository.
SlowMist Recognizes Malware in Phishing Scam
SlowMist researchers examined the code, uncovering encoded malware on the provided server. This malware was designed to steal sensitive user data. When an unsuspecting developer ran the code, it connected them to malicious command-and-control (C2) servers harboring hidden scripts aimed at pillaging sensitive information and SSH keys.
These scripts were engineered to extract stored credentials from the macOS keychain and were capable of bypassing security tools like Little Snitch. Consequently, attackers operated undetected while stealing valuable crypto assets.
SlowMist’s Guidelines to Avoid Recruitment Scams
SlowMist offers crucial advice to individuals and enterprises on mitigating these threats. They recommend exercising caution with job offers and any downloaded external code.
Users should verify recruiters through official channels and meticulously inspect shared repositories before executing any scripts. Corporations are encouraged to conduct phishing simulations and monitor code repositories actively.
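One way to do a first inspection pass before running anything from a shared repository, as an added example (not SlowMist's tooling or code from the report): a static scan that flags lines matching the behaviours described above, namely encoded payloads, decode-and-run calls, SSH key and macOS keychain access, and callbacks to raw IP addresses. The rule names, patterns and sample files are assumptions constructed for this illustration.

```python
import os
import re
import tempfile

# Heuristic rules (assumptions for this example), keyed to the behaviours the
# article describes: encoded payloads, C2 callbacks, SSH key and keychain theft.
RULES = {
    "encoded-blob": re.compile(r"[A-Za-z0-9+/]{200,}={0,2}"),
    "decode-and-run": re.compile(
        r"\b(eval|exec)\s*\(|\batob\s*\(|b64decode|base64\s+(-d|--decode)"),
    "ssh-key-access": re.compile(r"\.ssh/|id_rsa|id_ed25519"),
    "keychain-access": re.compile(
        r"Library/Keychains|login\.keychain|security\s+find-(generic|internet)-password"),
    "raw-ip-url": re.compile(r"https?://\d{1,3}(\.\d{1,3}){3}"),
}
MAX_BYTES = 2_000_000  # very large files are skipped; review those by hand


def triage(root):
    """Return sorted (relative_path, line_number, rule) findings; nothing is executed."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d != ".git"]
        for name in filenames:
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or os.path.getsize(path) > MAX_BYTES:
                continue
            with open(path, "r", encoding="utf-8", errors="replace") as fh:
                for lineno, line in enumerate(fh, 1):
                    for rule, pattern in RULES.items():
                        if pattern.search(line):
                            findings.append((os.path.relpath(path, root), lineno, rule))
    return sorted(findings)


def demo():
    """Run triage over a constructed, inert sample repository."""
    with tempfile.TemporaryDirectory() as repo:
        with open(os.path.join(repo, "setup.js"), "w") as fh:
            fh.write("const cfg = '" + "QUJD" * 60 + "';\n")  # constructed blob
            fh.write("eval(atob(cfg));\n")
            fh.write("// reads ~/.ssh/id_ed25519\n")
        with open(os.path.join(repo, "README.md"), "w") as fh:
            fh.write("Run `node setup.js` to start the coding test.\n")
        return triage(repo)


if __name__ == "__main__":
    for path, lineno, rule in demo():
        print(f"{path}:{lineno}: {rule}")
```

A clean result does not show the repository is safe; the scan only points manual review at the lines most worth reading first.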
Additionally, firms should implement advanced security solutions to prevent credential theft and financial losses. As LinkedIn phishing schemes proliferate, SlowMist urges everyone to remain vigilant to protect sensitive data from cybercriminals, advocating for the use of enhanced safety tools to safeguard against potential threats.