Unmasking GrassCall Campaign: The Hackers Behind Job Recruitment Cyber Scams

SUMMARY :

The GrassCall malware campaign, orchestrated by the Russian-speaking cybercriminal group 'Crazy Evil,' targets job seekers in the cryptocurrency and Web3 sectors. The attackers create fake companies and job postings, luring victims into downloading malicious software disguised as a video conferencing application. This sophisticated social engineering attack deploys Remote Access Trojans and information-stealing programs like Rhadamanthys for Windows users and Atomic macOS Stealer for Mac users. The campaign aims to compromise systems and steal cryptocurrency assets, with hundreds of people already affected. The infection chain involves impersonation, phishing communication, and malware deployment, showcasing the group's advanced tactics in identity fraud and cryptocurrency theft.

OPENCTI LABELS :

social engineering,remote access trojan,cryptocurrency,rhadamanthys,atomic macos stealer,web3,grasscall,job recruitment scam,russian-speaking cybercriminals


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Unmasking GrassCall Campaign: The Hackers Behind Job Recruitment Cyber Scams