It was reported to me directly that 4 different people from the Brazilian financial sector were approached by a recruiter on Linkedin, I checked up their profile and their profile supposedly works to Grayscale[1][2].
After talking to the recruiter they get a python code assignment, with a zip file. All of them reported that after running this code their machine got slower and they got login attempts on their emails.
A few things:
* At this very moment I have no idea if the recruiter even works for the company and/or if they know it is a malware. * I'm no infosec expert, but I have the zip file with me, was able to recreate on a VM the malicious behavior.
Question:
* Anyone here has contact with Grayscale Investments[1][2] to confirm this is their real recruiter?
[1] https://www.linkedin.com/company/grayscale-investments/
[2] https://grayscale.com/
1 comments