A naukri.com initiative
Kaspersky
2w
115
Image Credit: Kaspersky
Backdoor in coding test on GitHub | Kaspersky official blog
- Hackers have been using fake job offers to target IT specialists for years — and in some cases with staggering success.
- Recently, a new scheme has emerged in which hackers infect developers’ computers with a backdoored script disguised as a coding test.
- One of the most notorious cases of fake job ads used for malicious purposes was witnessed in 2022.
- Hackers managed to contact a senior engineer at Sky Mavis, the company behind the crypto game Axie Infinity, and offer him a high-paying position.
- In 2023, several large-scale campaigns were uncovered in which fake job offers were used to infect developers, media employees, and even cybersecurity specialists (!) with spyware.
- A recently discovered variation of the fake job attack starts similarly. Attackers contact an employee of the target company pretending to be recruiters seeking developers.
- However, one component of this project contains an unusually long string, specially formatted to be overlooked when scrolling quickly.
- When the victim runs the malicious project, this code downloads, unpacks, and executes the code for the next stage.
- This next stage is a Python file without an extension, with a dot at the beginning of the filename signaling to the OS that the file is hidden.
- As with the other variations of this scheme, the hackers count on the victim using their work computer to complete the “interview” and run the “test”.
Read Full Article
6 Likes
For uninterrupted reading, download the app