216.73.217.176

Unmasking GrassCall Campaign: The Hackers Behind Job Recruitment Cyber Scams

· Published 13/03/2025 00:47 · Modified 13/03/2025 09:27

Export JSON

Essential information

Published
13/03/2025 00:47
Modified
13/03/2025 09:27
Tags
2025-03-13 atomic macos stealer cryptocurrency grasscall job recruitment scam remote access trojan rhadamanthys russian-speaking cybercriminals social engineering web3
Related entities
1 intrusion sets (apt), 11 techniques (mitre), 3 malware, 2 others

Description

The malware campaign, orchestrated by the Russian-speaking cybercriminal group 'Crazy Evil,' targets job seekers in the and sectors. The attackers create fake companies and job postings, luring victims into downloading malicious software disguised as a video conferencing application. This sophisticated attack deploys Remote Access Trojans and information-stealing programs like for Windows users and for Mac users. The campaign aims to compromise systems and steal assets, with hundreds of people already affected. The infection chain involves impersonation, phishing communication, and malware deployment, showcasing the group's advanced tactics in identity fraud and theft.

External references