{"id":19999,"date":"2024-12-30T10:53:40","date_gmt":"2024-12-30T08:53:40","guid":{"rendered":"https:\/\/forklog.com\/en\/hackers-exploit-microphone-debugging-to-steal-crypto-assets\/"},"modified":"2024-12-30T10:53:40","modified_gmt":"2024-12-30T08:53:40","slug":"hackers-exploit-microphone-debugging-to-steal-crypto-assets","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/hackers-exploit-microphone-debugging-to-steal-crypto-assets\/","title":{"rendered":"Hackers Exploit &#8216;Microphone Debugging&#8217; to Steal Crypto Assets"},"content":{"rendered":"<p>Job seekers in cryptocurrency firms have encountered a new cybercriminal scheme aimed at stealing their assets, according to MetaMask developer Taylor Monahan.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">? Heads up all\u2014some dudes have a slick, new way of dropping some nasty malware.<\/p>\n<p>Feels infostealer-y on the surface but\u2026its not.?<\/p>\n<p>It&#8217;ll really, deeply rekt you.<\/p>\n<p>Pls share this w\/ your friends, devs, and multisig signers. Everyone needs to be careful + stay skeptical. ? <a href=\"https:\/\/t.co\/KRRWGL3GDo\">pic.twitter.com\/KRRWGL3GDo<\/a><\/p>\n<p>\u2014 Tay ? (@tayvano_) <a href=\"https:\/\/twitter.com\/tayvano_\/status\/1872980013542457802?ref_src=twsrc%5Etfw\">December 28, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>According to her, fraudulent job offers have spread on LinkedIn, freelancer sites, Discord, and Telegram, purportedly from bitcoin exchanges Kraken, MEXC, Gemini, Meta Corporation, and others. Fake recruiters are seeking candidates for technical specialists, traders, and analysts with salaries ranging from $200,000 to $350,000.<\/p>\n<p>Initially, the victim is invited to a text interview on the Willo website, where they are asked about trends in the crypto market and tasked with developing a business expansion strategy on a limited budget. The final task on organizing team work requires the applicant to record a video response.\u00a0<\/p>\n<p>A browser pop-up requests access to the user&#8217;s microphone and camera. However, the page then displays an equipment error. To resolve it, the site suggests updating drivers and restarting the browser.<\/p>\n<blockquote class=\"twitter-tweet\" data-conversation=\"none\">\n<p lang=\"en\" dir=\"ltr\">If you follow their instructions, you are fucked.<\/p>\n<p>They vary depending whether you are on Mac\/Windows\/Linux.<\/p>\n<p>But once you do it, Chrome will prompt you to update\/restart to &#8220;fix the issue.&#8221;<\/p>\n<p>It&#8217;s not fixing the issue. It&#8217;s fully fucking you. <a href=\"https:\/\/t.co\/ZEn2HpuAEb\">pic.twitter.com\/ZEn2HpuAEb<\/a><\/p>\n<p>\u2014 Tay ? (@tayvano_) <a href=\"https:\/\/twitter.com\/tayvano_\/status\/1872980032752415227?ref_src=twsrc%5Etfw\">December 28, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Following these &#8220;recommendations&#8221; leads to the installation of a backdoor, granting attackers access to the victim&#8217;s devices and enabling them to steal cryptocurrency funds.<\/p>\n<p>The attack affects macOS, Windows, and Linux operating systems.<\/p>\n<p>Monahan did not specify the number of potential victims or the amount of damage.<\/p>\n<p>Earlier, an attack on the Japanese cryptocurrency exchange DMM Bitcoin, resulting in $308 million in damages, also began with a fraudulent recruiter on LinkedIn who compromised an employee of a third-party company with access to the platform&#8217;s assets. According to the FBI, state-sponsored North Korean hackers known as TraderTraitor were behind the incident.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Job seekers in cryptocurrency firms have encountered a new cybercriminal scheme aimed at stealing their assets, according to MetaMask developer Taylor Monahan. ? Heads up all\u2014some dudes have a slick, new way of dropping some nasty malware. Feels infostealer-y on the surface but\u2026its not.? It&#8217;ll really, deeply rekt you. Pls share this w\/ your friends, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":19998,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[44,1523,1246],"class_list":["post-19999","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybercrime","tag-linkedin","tag-scammers"],"aioseo_notices":[],"amp_enabled":true,"views":"12","promo_type":"","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/19999","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=19999"}],"version-history":[{"count":0,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/19999\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/19998"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=19999"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=19999"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=19999"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}