Topics

late

AI

Amazon

Article image

Image Credits:rob dobi / Getty Images

Apps

Biotech & Health

mood

This illustration features a speech bubble with a hooded figure (perhaps a hacker) stepping out of the speech bubble.

Image Credits:rob dobi / Getty Images

Cloud Computing

Commerce

Crypto

initiative

EVs

Fintech

Fundraising

widget

Gaming

Google

Government & Policy

computer hardware

Instagram

layoff

Media & Entertainment

Meta

Microsoft

privateness

Robotics

Security

Social

Space

inauguration

TikTok

Transportation

speculation

More from TechCrunch

upshot

Startup Battlefield

StrictlyVC

Podcasts

video

Partner Content

TechCrunch Brand Studio

Crunchboard

touch Us

Are you willing to hack on and take controller of Chinese websites for a random someone for up to $ 100,000 a month ?

Someone is making precisely that tantalizing , bizarre , and understandably unelaborated caper go . The person is using what looks like a serial of phoney accounts with avatar display photos of attractive women and sliding into the lineal messages ofseveralcybersecurityprofessionalsandresearchersonXin the last couple of week .

“ We are recruiting webshell engineers and teams to penetrate Chinese internet site worldwide , with a monthly remuneration of up to $ 100,000 . If you are interested , you’re able to link up our TV channel first , ” register the message , which include a link to a Telegram groove .

For some reason , I also received this message from an ten account named “ count at my home page , ” which had a username , @JerelLayce88010 , that look like it was randomly generated .

When I followed the link , I was capable to see the admin of the channel , someone who goes by the name “ Jack ” and has an AI - sire avatar of a sea robber .

“ Are you proficient in incursion technology ? ” Jack ask me .

I am not , but I enquire Jack to tell me more about their destination .

Join us at TechCrunch Sessions: AI

Exhibit at TechCrunch Sessions: AI

“ Get webshells from Chinese read domains . There is no specific target . As long as the domain is register in China , it is our target orbit , ” said Jack , referring toweb shells , programs or scripts that hackers can employ to control hack web server . “ You need to interpret China ’s CMS ” — bring up to capacity management systems , the software that runs the backends of websites — “ find loophole , and be able to hold webshells in batches . There is no upper limit to the number we involve . The more the better . This is a foresightful - term job . We can establish long - term cooperation . ”

Yes , but crucially , why ?

“ What I postulate is China ’s traffic , ” Jack said , perhaps losing longanimity with my questions .

OK , but for what ?

At this stage , Jack decidedly got tired of my questions and gave me an assignment : Get me three web shells on any knowledge base register in China so I eff you have the skills . Generously , Jack offer me $ 100 for each cut up domain .

Alas , I still do n’t have the skill to do that , nor the willingness to break the natural law . Instead I retain require interrogative , including who Jack was working for . “ Indian government , ” Jack respond , although in a subsequent chat Jack contradicted that , blaming reflexive translation , which they said they were using because Chinese is their first language .

I spoke to some of the research worker who draw Jack ’s unusual Book of Job offer , and they were also puzzled . Nobody said they have gotten a malicious link , for exemplar , or leery questions that would indicate some sort of doxing or cozenage campaign .

“ I am opine it ’s a trolling [ rather ] than some serious scourge actor , ” allege s1r1us , a security researcher who received a decimeter from one of Jack ’s sockpuppet chronicle on X. “ If they want to engage top talent this is not definitely the means . ”

The Grugq , a well - known cybersecurity expert , severalise TechCrunch that he has never escort anything like this recruiting cause . “ I have seen [ people ] asking dumb inquiry and spamming for various cybersecurity - related things , ” he say . “ But never anything like the persistent , widespread , bizarre s — from this guy wire . ”

allot to The Grugq , perhaps the goal is to taint citizenry inside China with malware , as it does n’t make sense to use Chinese domains to launchDDoS attacksor spam , because that would n’t justify the high defrayal .

“ I really ca n’t think of wtf they ’re doing , ” The Grugq reason out . “ It makes no sense . ”

And neither can anyone else , manifestly . Godspeed , Jack , in whatever adventure you are embarking on .