menu
techminis

A naukri.com initiative

google-web-stories
source image

Securityaffairs

1w

read

21

img
dot

Image Credit: Securityaffairs

Phishers abuse CrowdStrike brand targeting job seekers with cryptominer

  • Cybersecurity firm CrowdStrike has warned of a phishing campaign that uses its recruitment branding to trick recipients into downloading a fake application, which ultimately installs the XMRig cryptominer.
  • The campaign was discovered on January 7, 2025, and involves phishing emails impersonating CrowdStrike recruitment, directing victims to a malicious website.
  • The phishing message claims recipients have been selected for a junior developer role and must download a CRM tool. Regardless of the chosen option, a Windows executable downloads, serving as a downloader for XMRig, supporting evasion mechanisms.
  • Individuals in the recruitment process should verify the authenticity of CrowdStrike communications and avoid downloading unsolicited files.

Read Full Article

like

1 Like

For uninterrupted reading, download the app