VIDEO
From LinkedIn DM to Full Compromise: Inside an Interview Attack
Video Summary:
Fake job interviews have become a favorite way to push malware onto developers. When a "coding challenge" landed in a friend's inbox, I dissect it end-to-end: tracing the lure, deobfuscating a multi-stage infostealer to reveal everything it grabs, then using what I recovered to knock on the attacker's own command-and-control server - monitoring live victims, mapping the operation, and reading the threat actor's mistakes. This talk is that walkthrough, plus what developers and defenders can actually do about it.
Fake job interviews have become a favorite way to push malware onto developers. When a "coding challenge" landed in a friend's inbox, I dissect it end-to-end: tracing the lure, deobfuscating a multi-stage infostealer to reveal everything it grabs, then using what I recovered to knock on the attacker's own command-and-control server - monitoring live victims, mapping the operation, and reading the threat actor's mistakes. This talk is that walkthrough, plus what developers and defenders can actually do about it.
