Summary: Cyble threat intelligence researchers have identified a malicious GitHub repository posing as a coding challenge that lures developers into downloading a data-stealing backdoor. Targeting Polish-speaking developers, the campaign employs unique methods including using a social media profile for command and control (C&C) activities and geofencing to limit execution. The malware, named “FogDoor,” is designed for stealth and effectiveness in data theft while employing tactics that complicate detection and mitigation efforts.
Affected: Polish-speaking developers and organizations relying on job platforms
Key points:
- A malicious GitHub repository is disguised as a hiring coding challenge to install a backdoor.
- “FogDoor” malware steals sensitive data while employing unusual C&C techniques via social media.
- Researchers recommend measures to identify and counter such attacks, including verification of job offers.
Source: https://thecyberexpress.com/fake-hiring-challenge-targets-developers/