Are you willing to hack and take control of chinese websites for a random person for up to $ 100,000 a month?
Someone is making precisely that tantalizing, bizarre, and clearerly sketchy job offer. The person is using what look like a series of fake accounts with avatars displaying photos of attractive women, and sliding into the direct messages of several cybersecurity Professionals and Researches on X in the last couple of weeks.
“We are recruiting webshell engineers and teams to penetrate chinese websites worldwide, with a monthly salary of up to $ 100,000. If you are interested, you can join our channel final,” Read the Message, ”Read the Message,” Read the Message Included a link to a telegram channel.
For some reason, I also receive this message from an x account named “Look at my homepage,” which has a username, @jerllayce88010, that looks like it was randomly generated.
When I followed the link, I was able to see the admin of the channel, someone who goes by the name “jack” and has an ai-generated avatar of a pirate.
“Are you Proficient in Penetration Technology?” Jack asked me.
I am not, but I asked jack to tell me more about their goals.
Get webshells from chinese registered domains. There is no specific target. web shellsPrograms or scripts that hackers can use to control hacked web servers. “You need to understand China’s CMS…” – Referring to Content Management Systems, The Software That Runs The Backends of Websites – “… Find Loopholes, and Be Able to Obtain Webshells in Batches in Batches. Upper Limit to the Number We Need. The better.
Yes, but crually, why?
“What I Need is China’s Traffic,” Jack Said, Perhaps Losing Patience with My Questions.
OK, but, for What?
At this point, jack definitely got tired of my questions and Gave me an assignment: get me three web shells on any domain registered in China so i know you have the skills. Generally, jack offered me $ 100 for Each Hacked Domain.
Alas, I Still duan’T have the skills to do that, Nor the willingness to break the law. INTEAD I KEPT Asking Questions, Including Who Jack was working for. “Indian Government,” Jack Responded, Although in a Subsequent Chat Jack Contradicted that, Blaming Automatic Translation, Whoa They they said they were using believes chines
I spoke to some of the results who got’s strange job offer, and they were also puzzled. Nobody said they have gotten a malicious link, for example, or suspretive questions that would indicate some sort of doxing or scam campaign.
“I am guessing it’s a troll [rather] Than some serial threat actor, “Said S1R1us, A Security Researcher who received a DM from One of Jack’s SOCKPUPPET Accounts
The Grugq, a Well-KNOWN Cybersecurity Expert, Told Techcrunch that he has Never Seen Anything like this recruiting campaign. “I have Seen [people] Asking Dumb Questions and Spamming for Various Cyber Security Related Things, “He said.
According to the Grugq, Perhaps the Goal is to Infect People Inseide China with Malware, as it does not make sense to use to use chinese domains to launch DDOS Attacks Or spam, trust that wouldn’t justify the high payment.
“I really can’t think of wtf they’re Doing,” The Grugq Concluded. “It makes no sense.”
And Neither Can Anyone Else, Apparently. GodSpeed, Jack, In Whatever Adventure you are embarking on.