Job Scams | Breaking Cybersecurity News | The Hacker News

North Korean threat actors have leveraged a fake Windows video conferencing application impersonating FreeConference.com to backdoor developer systems as part of an ongoing financially-driven campaign dubbed Contagious Interview. The new attack wave, spotted by Singaporean company Group-IB in mid-August 2024, is yet another indication that the activity is also leveraging native installers for Windows and Apple macOS to deliver malware. Contagious Interview, also tracked as DEV#POPPER, is a malicious campaign orchestrated by a North Korean threat actor tracked by CrowdStrike under the moniker Famous Chollima. The attack chains begin with a fictitious job interview, tricking job seekers into downloading and running a Node.js project that contains the BeaverTail downloader malware, which in turn delivers InvisibleFerret, a cross-platform Python backdoor that's equipped with remote control, keylogging, and browser stealing capabilities. Some iterations of BeaverTail, which also...

Money mules have been aggressively recruited this year to help cybercriminals launder money, according to Fortinet. A recent example of this is the worldwide prosecution of a Zeus criminal operation, which included 37 charges against alleged money mules. Recent Zeus stories illustrate how prevalent money mules have become and how they are being used to filter, disguise, and spread money transfers. Today, mules are typically recruited into criminal organizations through legitimate-looking advertisements. A suspect ad may suggest a client is looking for a "payment processing agent," "money transfer agent," or something as vague as an "administrative representative." These recruitment ads can be found anywhere from print and online job sites to direct points of contact. While many mules likely enter into the business relationship knowing the full criminal implications of what they are doing, a surprising number do not. One of the most recent money mule rec...

CrowdStrike is named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms for the fifth consecutive time, positioned highest on Ability to Execute and furthest to the right on Completeness of Vision.