Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Python

Fake Job Interviews Target Developers With New Python Backdoor (bleepingcomputer.com) 16

An anonymous reader quotes a report from BleepingComputer: A new campaign tracked as "Dev Popper" is targeting software developers with fake job interviews in an attempt to trick them into installing a Python remote access trojan (RAT). The developers are asked to perform tasks supposedly related to the interview, like downloading and running code from GitHub, in an effort to make the entire process appear legitimate. However, the threat actor's goal is make their targets download malicious software that gathers system information and enables remote access to the host. According to Securonix analysts, the campaign is likely orchestrated by North Korean threat actors based on the observed tactics. The connections are not strong enough for attribution, though. [...]

Although the perpetrators of the Dev Popper attack aren't known, the tactic of using job lures as bait to infect people with malware is still prevalent, so people should remain vigilant of the risks. The researchers note that the method "exploits the developer's professional engagement and trust in the job application process, where refusal to perform the interviewer's actions could compromise the job opportunity," which makes it very effective.

This discussion has been archived. No new comments can be posted.

Fake Job Interviews Target Developers With New Python Backdoor

Comments Filter:
  • LOL! (Score:5, Funny)

    by ls671 ( 1122017 ) on Friday April 26, 2024 @07:05PM (#64428844) Homepage

    I wouldn't even install Teams for a "job interview" :)

  • not have a job ... and have the skills to reformat the computer and probably have backups... seems like a bad idea if they want to collect a ramson later.
  • part of this sound likes do free work for us that some places do try.
    so they want to download and fix there code in the hope of maybe getting an job?

    • by rta ( 559125 )

      It's an interesting question. I've never encountered a "do work for us" but i've certainly spent hours, once a few days on some projects for interviews and i've also given them out.

      I've also had full day interviews for jobs. Sometimes multiple half days. Most places i've worked had fairly short interview processes and even that would be at least 6 hours of involvement to get a job.

      The movie industry is mulling it over too:
      https://web.archive.org/web/20... [archive.org]

      And idk what the state is of no cost estimates for

    • by PPH ( 736903 )

      Sure. Here's your code. Hire me and I'll tell you where the logic bomb is.

    • by Slayer ( 6656 )

      part of this sound likes do free work for us that some places do try.

      I keep reading this, but it neither matches my experience during job interviews, nor would I want any job applicant to write my code. In many professional jobs it takes months to become productive, and that means with access to colleagues and documentation, so there is no chance, that an outsider could create anything of significance during the interview process. If you hand out a small junk of software work to an outsider, you'd also have to specify it very precisely and you'd have to review the result tho

  • by alvinrod ( 889928 ) on Friday April 26, 2024 @07:44PM (#64428898)
    The concept is kind of interesting. Imagine a security firm that interviews candidates this way. Anyone they can compromise automatically fails the interview. For senior level positions they actually kidnap the candidate's family to see if they can extort them that way. Everyone at the water cooler refers to the NSA and CIA as a bunch of pussies.
    • We do not appreciate it if former employees post confidential information about the inner workings online, even after leaving The Company.

      That incident will be examined.

  • by ctilsie242 ( 4841247 ) on Friday April 26, 2024 @08:43PM (#64428938)

    I remember job interviews like this from a few years back. What I did was spawn an AWS LightSail instance with a static IP and go from there. When the interview is finished, I'd just nuke the VM and call it done.

    Maybe it is part of being a good developer to run stuff that is potentially compromising, on a sandbon/VM, on a separate network.

  • ... perform the interviewer's actions could compromise ...

    While 'do what I say' corporate blackmail is common (think EULA), everyone should assume the worst when anonymous or unverified adverts appear. Doubly-so for unseen or unverified code.

  • by Opportunist ( 166417 ) on Saturday April 27, 2024 @02:09AM (#64429210)

    You install unsolicited code on something other than a VM that contains no sensitive information, running on a computer you will wipe after the interview, on a connection that isn't physically separated from the rest of your network?

    Sorry, your security conscience is not at the level we require.

How many hardware guys does it take to change a light bulb? "Well the diagnostics say it's fine buddy, so it's a software problem."

Working...