Malware Recruitment Scam Alert - @vadeusnetwork I want to expose a dangerous tactic being used in the crypto/Web3 hiring space. I was contacted by the verified X account “@VadeusNetwork” for a moderator/community role. At first, everything looked legitimate: - Verified profile - Professional branding - Community role offer - Standard hiring-style conversation Then they sent me a “DocSend” document link: docsend(dot)com/view/d8t573pcqr6dia72 At first glance, it looks normal. But when opened, the page says: “This document requires the DocSend application for secure viewing.” Then it pushes users to download an app from: docsendapplication.online That domain is NOT official DocSend or Dropbox infrastructure. Real DocSend uses: docsend.com NOT: docsendapplication.online This is a classic malware/social engineering flow: - Use a trusted platform name (DocSend) - Create urgency/professionalism through a fake hiring process - Push a fake “secure viewer app” - Trick victims into installing malware This type of attack specifically targets: Web3 workers, Moderators, Community managers, partnership managers, freelancers, startup contributors because we constantly open decks, proposals, and onboarding docs. I did not execute the file outside the VM environment, but less technical users could easily fall for this. Be careful: - Never install “viewer apps” from random hiring links - Verify domains carefully - Use sandbox environments - Assume crypto recruitment DMs are high-risk until proven otherwise If anyone else received similar messages from this project/account, reply below. Stay safe & Fk you scammers @vadeusnetwork
