Los programadores que se presentan a las “entrevistas” deben realizar una serie de pruebas técnicas, incluyendo la descarga y ejecución de código alojado en GitHub, para dar la sensación a la víctima que se trata de un proceso de selección legítimo. But what the victim does not yet know is that they are going to run a malicious program that opens a backdoor that collects information and maintains remote access to the infected system.

This fraud is based on a social engineering attack and then the use of malicious software. The attackers ask the victim to install an NPM package, very common in Python, that once executed starts the processes of an obfuscated Java file that downloads additional files from a malicious server.

This trojan keeps the connection with the malicious actor active, collects files and commands from the victim system and exfiltrates information to servers controlled by the cybercriminal.

In these cases, it is recommended to pay close attention to possible job offers that offer many advantages, that seek that the “candidate” accept that “interview” quickly.

Fountain: Bleeping Computer


Leave a Reply

Your email address will not be published. Required fields are marked *

More news
A
Read more »
A researcher manages to hack some concert tickets using AI
Read more »
Una nueva campaña de phishing suplanta a ChatGPT
Read more »
Nintendo suffers a data breach through a supplier
Read more »
Trying to make fun of a scammer is not a very good idea
Read more »