-
@jerry @lerg regarding the "malicious interview code" thingy from the podcast, ep340: Interesting version I encountered itw a bit over a year ago: Fake job interview (also tailored at cryptocurrency devs) with a malicious video conferencing app.
Was full amateur hours with everyone involved (incl. attackers, didn't even try obfuscating shit), but led to one of our devs (in the process of being fired, someone forgot to take away & lock their company MacBook) ending up with an infostealer, stealing company passwords & their private wallets they had on their company device...
Got reminded of that when mentioned the recommendation of running the coding challenges in isolated VMs - bringing it to the office side instead of coding side is a neat workaround & messes with people's mental model

-
@jerry @lerg oh, and re: "doctor didn't notice his password changed, someone stealing their paycheck": we also encountered this a couple of months ago, fortunately an impacted employee noticed the password change & a helpdesk agent actually put 1 & 1 together, so I believe we managed to revert everything in time.
An interesting quirk was that not everyone noticed - as non-IT users were targeted they may only type in their actual password every couple of days & people forgetting passwords isn't uncommon, so it looks like some employees may have just... assumed IT changed their password/they forgot their passwords/...?
-
@nyanbinary @jerry Oy, fun times... hah.