Scammers Exploit Fake Crypto Jobs and Meeting Apps to Drain Wallets

In an alarming trend, cybercriminals are increasingly targeting professionals in the cryptocurrency and Web3 sectors through sophisticated scams involving fake job offers and malicious meeting applications.

Overview

On February 26 2025, BleepingComputer announced that the scammers involved in the scheme have ceased operations. Websites and LinkedIn profiles linked to the scam have been removed after numerous victims came forward. 

Some of those targeted revealed that their crypto wallets were drained after downloading the GrassCall app. These deceptive practices have led to significant financial losses, with scammers employing advanced techniques to compromise victims’ digital assets.

The Rise of Fake Crypto Job Scams

Scammers have impersonated reputable crypto firms to lure job seekers into fraudulent employment schemes. For instance, individuals have reported being contacted by supposed recruiters offering lucrative positions only to be directed to fake interview platforms. During these interviews, victims are instructed to execute specific commands or download applications that, unbeknownst to them, install malware on their devices. 

This malware grants attackers backdoor access, enabling them to steal sensitive information and drain crypto wallets. In one reported case, victims were deceived into downloading a malicious meeting application, leading to unauthorised access to their crypto assets.  

Malicious Meeting Applications: The ‘GrassCall’ Scam

A particularly insidious tactic involves using fake meeting applications, such as the ‘GrassCall’ app. Scammers create convincing company websites and social media profiles using AI-generated content to appear legitimate. They then approach professionals, often through platforms like Telegram or LinkedIn, and invite them to download the malicious meeting app under the pretence of discussing business opportunities. 

Once installed, the app deploys malware to harvest sensitive data, including crypto wallet credentials. This method has effectively bypassed traditional security measures, as the apps appear authentic and are often tailored to the victim’s industry.

Protecting Yourself from These Scams

To safeguard against these sophisticated scams, individuals should exercise caution when approached with unsolicited job offers or meeting requests, especially in the crypto sector. Here are some protective measures:

• Verify the Source: Always confirm the legitimacy of the company and the recruiter by cross-referencing official websites and contacting the organisation directly through known channels.
• Avoid Downloading Unverified Applications: Do not install software or applications from unfamiliar sources. Instead, use official platforms and trusted services for meetings and communications.
• Be Wary of Unusual Requests: If asked to execute unfamiliar commands or provide sensitive information during an interview or meeting setup, halt the process immediately and investigate further.
• Maintain Updated Security Software: Ensure your devices have up-to-date antivirus and anti-malware programs to detect and prevent unauthorised access.
• Regularly Monitor Accounts: Monitor your crypto wallets and accounts for unauthorised transactions or changes.

By staying vigilant and adopting these protective measures, individuals can reduce the risk of falling victim to these increasingly sophisticated scams targeting the crypto and Web3 communities.