CrowdStrike identified a phishing campaign that mimics its recruitment process to distribute a cryptominer disguised as a CRM application, highlighting the importance of vigilance.
The attack targets unwary job applicants, claiming they’ve progressed in the hiring process, tempting them to click links leading to malicious downloads.
The downloaded application acts as a downloader for XMRig, executing checks to avoid detection while covertly installing mining software on the victim's machine.
CrowdStrike urges caution, noting this isn't the first scam involving false job offers, as malicious actors commonly exploit company names for phishing.
Collection
[
|
...
]