I read this article from Hacker News today, about a phishing attack that was recently uncovered, although scams like it have been around for years. In this scam, the threat actors apply for jobs and send a link to download a resumé, which will also download a bunch of malware.
This sort of scam has a flip side, too: as I was writing this blog, a story broke about a new Windows malware named 'Warmcookie', which is distributed through personalized emails containing fake job offers. Clicking the email leads to a legitimate-looking landing page, where you are asked to download the job description. Unfortunately, clicking that will download Warmcookie instead. Warmcookie installs a backdoor on infected machines, "capable of extensive machine fingerprinting, screenshot capturing, and the deployment of additional payloads," intended to surveil and breach corporate networks. Unfortunately, this isn't exactly a new idea, either: in 2023, a long-running campaign by a North Korean threat group, called "Operation Dream Job," was discovered. It targeted defense and nuclear engineers with fake job opportunities, but beginning the "job interview" would download a payload of malware instead.
It got me thinking about all the other instances I've seen recently of job-related scams (there are so many variants, I might need to make this a whole series of blog posts!), and it almost makes you wonder how anyone is actually getting hired at all.
Thankfully, none of them are as terrifying as this report, of thousands of people being lured to Southeast Asia with the promise of jobs, only to be kidnapped, trafficked, tortured, and forced into running online scams in inhuman labor camps.
So what is the takeaway? How do we protect ourselves and our companies?

This post is 100% written by a real person, who has read all of the articles referenced within.
All Rights Reserved | Soteria, LLC