Skip to main content

cryptoscams.wiki

Navigation

Main page
Report a scam
Contribute an entry
Moderation

Categories

All entries280
Projects74
Tokens40
Individuals115
Organizations & groups12
Exchanges & platforms28
Websites & domains1
Social accounts2
Other8

Tools

All entries (A–Z)
Recent changes
Timeline
Statistics
Random entry

cryptoscams.wiki is a source-backed database. Entries are user-submitted and may contain errors.

Nothing here is legal or financial advice. Report corrections via the moderation queue.

Tag: malware

3 entries tagged “malware”.

Contagious Interview (UNC4736)
A North Korea-linked campaign that poses as recruiters/contractors to trick developers and crypto workers into running malware (e.g. BeaverTail, InvisibleFerret, INLETDRIFT). Tracked as UNC4736 / AppleJeus / Citrine Sleet; linked to the Radiant Capital theft.
Organizations & groupsMalware / drainerHigh· 2 sources· updated Jun 8, 2026
@xcartermurphy (X impersonation account)
An X (Twitter) account described in a public post as an impersonator tied to a malware-focused social-engineering operation. Per the post, the account displayed (then removed) a well-known VC firm's tag in its bio, and a target was sent a malware-laden 'WeChat' installer plus an install command hosted on a now-scrubbed domain.
Social accountsImpersonationHigh· 2 sources· updated Jun 8, 2026
BlueNoroff (APT38)
A North Korea-linked, financially focused sub-group of the Lazarus umbrella that targets banks and crypto firms. Blamed for the 2016 Bangladesh Bank SWIFT heist and, more recently, macOS malware campaigns against crypto businesses (RustBucket, KandyKorn, 'Hidden Risk'). Sanctioned by the U.S. in 2019.
Organizations & groupsOtherCritical· 2 sources· updated Jun 8, 2026