A significant new scam operation known as “WebWyrm” has been uncovered by security researchers, targeting job seekers and enticing them into cryptocurrency scams under the guise of earning money through seemingly trivial tasks.
Furthermore, this operation, coined “WebWyrm” by CloudSEK, has already impacted more than 100,000 individuals across 50 countries and has posed as over 1,000 companies spanning ten different industries, potentially netting the scammers over $100 million. WebWyrm primarily targets victims through WhatsApp, customizing its schemes based on data harvested from recruitment portals to pinpoint individuals more likely to engage with their offers.
Promising weekly salaries ranging from $1,200 to $1,500, victims are prompted to complete multiple “packets” or “resets” each day, each containing 40 tasks. To initiate the process, victims are instructed to deposit funds into a cryptocurrency wallet, such as KuCoin or Shakepay, believing that once a task is completed, the platform will deduct and then return the money along with a commission.
However, the scam’s complexity emerges with “combo tasks” that require progressively larger investments, ensnaring victims in an inescapable cycle of financial loss.
The operation demonstrates remarkable sophistication, employing dedicated contacts to engage with victims on various platforms and creating approximately 6,000 fraudulent websites.
These fake websites are carefully designed to mimic legitimate companies and are highly geo-targeted, with associated WhatsApp numbers featuring country codes matching the victim’s location.
This adaptability enables the scammers to evade detection, as they quickly transition to new infrastructure once abuse reports arise, preserving the continuity of their operation. CloudSEK has shared its research findings with global law enforcement agencies to combat this elaborate and ongoing threat effectively.