
Scattered Lapsus$ Hunters auditioning female voices to sharpen social engineering

Prolific cybercrime crew Scattered Lapsus$ Hunters (SLSH) is reportedly recruiting women in the hope of improving its social engineering success.

According to Telegram channel posts made on February 22, gathered by Dataminr, the group behind last year’s Salesloft Drift attacks promised payments of between $500 and $1,000 per call, depending on “success and hit rate.”

Interested applicants are invited to apply by sending a message to the group’s “Support” account. They will be asked a series of questions before being accepted, the group said, and those who pass the test will be given a script to work from.

SLSH is known for effective social engineering. Experts who have listened in on calls carried out by Scattered Spider, one of the groups that form the cybercrime triad, previously confirmed that its tactics are sophisticated and highly effective.

The Telegram ads suggest that SLSH is looking for people to socially engineer IT helpdesk staff. This aligns with the group’s typical MO of deceiving IT helpdesks into handing over credentials that attackers can use to gain access to an organization’s network.

“This recruitment drive represents a calculated evolution in SLH’s tactics,” said Jeanette Miller-Osborn, field cyber intelligence officer at Dataminr. 

“By specifically seeking female voices, the group likely aims to bypass the ‘traditional’ profiles of attackers that IT helpdesk staff may be trained to identify, thereby increasing the effectiveness of their impersonation efforts.”

Miller-Osborn recommends that organizations make their helpdesks aware of these shifting tactics and ensure identities are thoroughly verified, either through video calls or secondary internal verification.

SLSH’s recruitment drive is the latest in what appears to be a trend of crowdsourcing efforts. 

Back in October, and again via Telegram, the group said it would pay anyone $10 in Bitcoin to “endlessly harass” executives at organizations it was trying to extort. 

“You have permission to endlessly harass these executives till they comply with us,” its message stated. “When we tell you stop emailing a company or number of executives emails, you are to stop emailing them. This will be centralized and well operated.”

When The Register asked SLSH about how many people had taken up its offer after the first few days, it claimed it had “practically paid out over $1,000 at this point,” though these claims cannot be independently verified. ®
