Cybersecurity firm CrowdStrike has warned of a phishing campaign that uses its recruitment branding to trick recipients into downloading a fake application, which ultimately installs the XMRig cryptominer.
The campaign was discovered on January 7, 2025, and involves phishing emails impersonating CrowdStrike recruitment, directing victims to a malicious website.
The phishing message claims recipients have been selected for a junior developer role and must download a CRM tool. Regardless of the chosen option, a Windows executable downloads, serving as a downloader for XMRig, supporting evasion mechanisms.
Individuals in the recruitment process should verify the authenticity of CrowdStrike communications and avoid downloading unsolicited files.