EncryptHub Phishes Web3 Developers with Fake AI Platforms to Install Crypto-Stealing Malware

The financially motivated threat group EncryptHub (aka LARVA‑208/Water Gamayun) is targeting Web3 developers via spoofed AI platforms like "Norlax AI" and "Teampilot." Using fake job offers or portfolio reviews, attackers lure victims into downloading malicious software disguised as audio drivers. This triggers the installation of Fickle Stealer, which harvests cryptocurrency wallets, dev credentials, and project data for exfiltration. Developers should use endpoint protection and authenticity.

Categories

EncryptHub Phishes Web3 Developers with Fake AI Platforms to Install Crypto-Stealing Malware

Also Read

YouTube Updates Monetization Policies for Content Covering Sensitive Topics

India Bolsters Defense Space Strategy at DefSpace Capability Dialogue

OpenAI Moves to Reassure Investors Amid Escalating Legal Battle with Elon Musk

OpenAI to Introduce Advertisements in ChatGPT Free and Plus Tiers for Revenue Growth

Arista Vault Co-founder Purvi Roy Honored with National Startup Award 2026

India’s Startup Ecosystem Explodes with 44,000 New Registrations in 2025

Tennessee Man Pleads Guilty to Hacking U.S. Supreme Court and Federal Systems

US FTC to Scrutinize Big Tech’s Talent Acquisition Deals Amid Antitrust Concerns

Anti-Doomscrolling Influencers: The New Warriors Fighting Social Media Addiction

Download the TechShots App

Subscribe To Our Newsletter.