4) In reality, GrassCall is fake software that contains a RAT (Trojan), a keylogger and an infostealer.
5) Through the keylogger and infostealer functions, passwords and data typed on the keyboard are stolen. In addition, scanning functions are started for crypto wallets (Phantom, Metamask, Exodus, Keplr, etc.) that are saved locally.
6) If you are already logged in to the wallet, the funds are moved (because they have remote control). If you are not logged in and there is a password, a brute-force attack is performed or the password is stolen when it is typed (via the keylogger).
Keep in mind that the people who contact you, the company website and the software that contains the malware are all absolutely well-groomed. The staff also have profiles on X and LinkedIn. When the website is blocked, they create another piece of malicious software (GrassCall's predecessor was Gathereum).
🎮 The gaming variant involves having you test a game and getting paid (again, the goal is to get you to install an .exe file).