Crypto Thieves Strike with "GrassCall" Job Scam App

By setting up fake job postings under a made-up company called “Chain Seeker”, the scammers convinced applicants to download a meeting app called GrassCall, which secretly accessed their crypto wallets.

On February 26, BleepingComputer reported that the fraudulent websites and LinkedIn accounts connected to the scam had been taken down.

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

What is Polygon in Crypto? (Animated Explainer)

SUBSCRIBE

ON YOUTUBE

The scam was well-organized, with a professional-looking website and active social media accounts on LinkedIn, CryptoJobsList, and WellFound. People who applied for jobs received emails instructing them to contact a supposed marketing chief on Telegram. From there, they were directed to download GrassCall from a site controlled by the scammers.

Many victims reported losing their cryptocurrency after installing the app. Cristian Ghita, who applied for a role at Chain Seeker, described the setup as “extremely well-orchestrated”, noting that even the meeting app appeared legitimate.

Before launching this scheme, Crazy Evil had used a similar tactic with another fake app called Gatherum, which also posed as a video-conferencing tool. The cybersecurity firm Recorded Future has linked the group to multiple frauds targeting the crypto industry, mainly through phishing scams designed to steal digital assets.

Meanwhile, the cybersecurity firm Kaspersky reported on February 24 that hackers used fake GitHub repositories to steal cryptocurrencies and login credentials. How? Read the full story.