EncryptHub Phishes Web3 Developers with Fake AI Platforms to Install Crypto-Stealing Malware

The financially motivated threat group EncryptHub (aka LARVA‑208/Water Gamayun) is targeting Web3 developers via spoofed AI platforms like "Norlax AI" and "Teampilot." Using fake job offers or portfolio reviews, attackers lure victims into downloading malicious software disguised as audio drivers. This triggers the installation of Fickle Stealer, which harvests cryptocurrency wallets, dev credentials, and project data for exfiltration. Developers should use endpoint protection and authenticity.

Categories

EncryptHub Phishes Web3 Developers with Fake AI Platforms to Install Crypto-Stealing Malware

Also Read

Hackers Exploit Citrix NetScaler Vulnerabilities to Deploy Targeted Malware

Microsoft Issues Critical Windows Recovery Environment Update to Patch Vulnerabilities

Yahoo Returns to Search Roots With New AI-Powered Answer Engine Scout

Elon Musk Restructures xAI as Key Founding Members Depart Company

Apple Issues Rare Retention Bonuses to iPhone Designers Amid OpenAI Talent War

Dancing Robot Slaps Child During Public Performance in China

Bluesky Introduces Attie: New AI Tool for Personalized Custom Feeds

Global Conflicts Disrupt E-commerce and Quick Commerce Supply Chains

Indian Startups Pivot to Small Language Models for Efficiency and Privacy

Download TechShots

Share your insights

Subscribe To Our Newsletter.