Open Menu
AllLocalCommunitiesAbout
lotide
AllLocalCommunitiesAbout
Login

Fake job interviews target developers with new Python backdoor

⁨151⁩ ⁨likes⁩

Submitted ⁨⁨10⁩ ⁨months⁩ ago⁩ by ⁨alb_004@lemm.ee⁩ to ⁨technology@lemmy.world⁩

https://www.bleepingcomputer.com/news/security/fake-job-interviews-target-developers-with-new-python-backdoor/

source

Comments

Sort:hotnewtop
  • SnotFlickerman@lemmy.blahaj.zone ⁨10⁩ ⁨months⁩ ago

    It’s like they want me to give up finding a job when half the job interviews are fucking scams.

    “nObOdY wAnTs tO wOrK aNyMoRe”

    source
    • sugar_in_your_tea@sh.itjust.works ⁨10⁩ ⁨months⁩ ago

      Yeah, I was pretty skeptical with my current job:

      1. Recruiter contacted me, I didn’t contact them
      2. Interview done by Indians, full remote
      3. I had never heard of the company

      But everything checked out, and I love the job. It’s not a tech company, but it has the best parts of one (proper AGILE processes, separated QA, dev, and devOPs roles, modem tech stack, etc).

      So be careful of scams, but not so careful you miss out on great opportunities.

      source
      • expr@programming.dev ⁨10⁩ ⁨months⁩ ago
        1. Is pretty standard in the industry for people with experience. I haven’t actually applied to any jobs myself in a while. Job hunting for me is sifting through the recruiter messages that hit my inbox.
        source
        • -> View More Comments
      • PlantJam@lemmy.world ⁨10⁩ ⁨months⁩ ago

        Being a developer at a non tech company is great. My role tends to blur between salesforce amin and developer, but that’s partly because of the small size of the company (less than 100 employees total, less than 10 in IT).

        source
        • -> View More Comments
      • bitwolf@lemmy.one ⁨10⁩ ⁨months⁩ ago

        Are they still looking for talent?

        My current job is taking advantage of the market and drastically changing things for the worse and I’m feeling stuck, far away from my family and friends.

        source
        • -> View More Comments
  • prof@infosec.pub ⁨10⁩ ⁨months⁩ ago

    It’s sad that this works. You’d think especially software professionals would be the most vigilant about running unknown code.

    source
    • sugar_in_your_tea@sh.itjust.works ⁨10⁩ ⁨months⁩ ago

      I run interviews, and a lot of applicants can’t write code. So they’re probably going after low-hanging fruit like that.

      source
      • prof@infosec.pub ⁨10⁩ ⁨months⁩ ago

        Makes sense, I feel bad for the guys that were happy for a chance and got screwed over.

        source
        • -> View More Comments
    • sukhmel@programming.dev ⁨10⁩ ⁨months⁩ ago

      Professionals in software development do not mean professionals in cyber security.

      Same way you don’t expect a geologist to be a mason

      source
      • prof@infosec.pub ⁨10⁩ ⁨months⁩ ago

        That’s a bad take. Unless you get your knowledge purely from shady tutorials or have a fast track bootcamp education, it’s unlikely you never touch on security basics.

        I’m a software design undergrad and had to take IT Sec classes. Other profs also touched on how to safely handle dependencies and such.

        While IT Security is its own specialisation, blindly trusting source code others provide you with is something a good programmer shouldn’t do.

        If you need a metaphor: Just because a woodworker specialises in tables, doesn’t mean they can’t build a chair.

        source
        • -> View More Comments
  • HubertManne@kbin.social ⁨10⁩ ⁨months⁩ ago

    Just another reason to not be doing any work before your paid. They can ask questions or do something static.

    source
  • redcalcium@lemmy.institute ⁨10⁩ ⁨months⁩ ago

    This is low. Imagine if you’re unemployed, doing rounds of job interviews and got hit with this mess.

    source
    • alb_004@lemm.ee ⁨10⁩ ⁨months⁩ ago

      It would be terrible.

      source