That NFT job offer is probably malware

Crooks are after the crypto wallets of artists

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Unknown threat actors have been discovered targeting graphic designers and artists with infostealer trojans, security researchers have revealed.

Artists from popular sites such as DeviantArt and Pixiv have been getting multiple messages claiming to offer potentially lucrative job roles. However, the job offer is just a disguise, as the sender’s true goal is to distribute an information-stealing trojan with a “good chance” of not being spotted byantivirussolutions.

Info-stealers usually grab passwords and otheridentity-related data stored in browsers, as well as cryptocurrency wallets, credit card data, and similar.

Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at theend of this surveyto get the bookazine, worth $10.99/£10.99.

A job offer, or trojan?

In the job offer, the artist is invited to work on an NFT project. NFTs, or non-fungible tokens, in this context, are pieces of art stored on the blockchain. Lately, they’ve been enjoying enormous popularity and dizzying valuations (some are worth tens of millions of dollars).

In the offer, the artist will be told what’s expected of them, will be asked for their CV or resume, and will be given a link with examples of previous NFT work by the project managers. That link, for which the attackers say is essentially the project’s style guide, leads to a password-protected RAR archive named ‘Cyberpunk Ape Exemples (pass 111).rar.

The archive does carry a few low-res images, but also carries a well-hidden .EXE file. At first glance, it appears to be a .GIF file, but is, in fact, malware.

What is an NFT? Non-fungible tokens explained, and why you shouldn’t dismiss this fad>Several huge NFT Discords hacked by scam attacks>NFTs are seriously hot right now, but we’re falling into a familiar trap

While infostealers can do all kinds of damage, and steal all kinds of information, in this context it’s safe to assume that the attackers could be after the artists’ cryptocurrency wallets, especially if they’ve been involved in NFT projects in the past. Crypto projects usually pay their team members, employees, and collaborators, in cryptocurrencies.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Cyberpunk Ape project leaders took to Twitter to distance themselves from this campaign, saying the job offer is not real.

“Don’t respond. Don’t click the link. Report the people who are doing this on the platform they contact you on,” the Twitter post reads.

Via:BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

A new form of macOS malware is being used by devious North Korean hackers

Scammers are using fake copyright infringement claims to hack businesses

Belkin’s Travel Bag for Vision Pro has pockets and is way cheaper than Apple’s own case