The rise of cyberattacks continues to challenge the crypto industry, with hackers constantly refining their tactics. A new wave of scams targeting crypto professionals via LinkedIn has come to light, showcasing the increasing sophistication of these malicious schemes.

On December 28, Taylor Monahan, a Web3 security expert, exposed a social media-based scam designed to distribute wallet-draining malware. These cybercriminals pose as recruiters from respected firms, using professional platforms and tools to build trust and lure victims.

How the LinkedIn Crypto Scam Unfolds

The attackers begin by creating fake LinkedIn profiles that appear credible. They then initiate casual conversations, claiming to represent well-known companies and offering enticing job opportunities. This tactic often succeeds in engaging even those not actively seeking employment.

To enhance their deception, the scammers employ legitimate tools like the Willo Video interviewing platform, frequently used by established crypto firms. Victims receive job descriptions and detailed interview questions, which adds an air of professionalism. They are then instructed to record video responses. However, the platform deliberately blocks the camera and microphone, citing technical issues.

At this stage, the scam escalates. Victims are directed to a “How to fix” link containing harmful instructions. Following these steps compromises their devices. Once executed, victims unknowingly allow attackers to gain control, potentially draining their crypto wallets.

“If you follow their instructions, you are f*ked. They vary depending whether you are on Mac/Windows/Linux. But once you do it, Chrome will prompt you to update/restart to ‘fix the issue.’ It’s not fixing the issue. It’s fully f*king you,” Monahan stated.

It was unclear how much these scams have stolen from crypto users as of press time. However, this scheme mirrors past incidents, including a high-profile attack that targeted employees of Ginco, a Japanese crypto wallet software company. Hackers reportedly stole $305 million in Bitcoin from the DMM Bitcoin exchange using these social engineering techniques.

The breach, investigated by the FBI, Japan’s National Police Agency, and the Department of Defense Cyber Crime Center, highlighted the growing threats on platforms like LinkedIn.

While LinkedIn has taken significant measures to combat fake accounts, the challenges remain substantial. In its 2024 fraud report, the platform revealed that over 80 million fake profiles were removed in just six months. Automated systems blocked 94.6% of these accounts, either at registration or through proactive restrictions.