Increasingly, organized crime organizations are operating as businesses rather than criminal organizations, advertising jobs on the dark web with a number of advantages for members. A recent Kaspersky study found that 61% of job ads posted by hacking and APT groups on 155 dark websites from March 2020 to June 2022 were seeking software developers with attractive compensation packages. Kaspersky's analysis uncovered job ads offering up to $20,000/month for top-paying positions and $15,000/month for skilled attack specialists. There are also other roles that are sought by hacking groups, including the following:-. While on the other hand median pay for IT professionals varied from $1,300 to $4,000 per month, with reverse engineers earning more and designers receiving less. Recruiters in one-third of the job ads posted offered full-time employment, and the same percentage offered flexible schedules to candidates. Some dark web employers aim to make their job proposals appealing by offering paid vacation and sick leave to remote workers in 8% of cases. The key job advantages that are offered by cybercriminals are lucrative and here they are mentioned below:-. Reverse engineers receive a median wage of $4000 a month on a monthly basis, which is notable. While the further packages for each post are mentioned below:-. Compared to similar positions in legitimate job markets, the job packages offered on the dark web are attractive because they offer competitive salary packages. Those who are unable to find employment may find this appealing to them, especially those who are unemployed professionals or recent IT graduates unable to find employment. Q1 2020 saw the largest number of ads posted, coinciding with the major disruptions caused by the COVID-19 pandemic on the workforce. It appears that a second spike occurred between the fourth quarter of 2021 and the first quarter of 2022. It has been reported that some dark web job ads promise salaries that are much higher than those quoted above. A job posting on the dark web advertised a job where a successful candidate could receive up to $100,000 per month as compensation for pentesting. In an interesting twist, the work was described as legal under the terms of the contract. Additionally to the salary, many of the employees received performance-dependent commissions as part of their compensation. Cybercriminal recruiters evaluate applicants' abilities through test assignments during the hiring process to determine their proficiency in the area they claim to be proficient in. Sometimes recruiters review an applicant's CV or portfolio and conduct a job interview in 25% of the postings. There was one job posting that promised candidates around $300 in Bitcoins in exchange for an assignment that would involve a test. One job offer requires a multi-step screening with a 24-hour challenge to encrypt a test DLL to be undetectable by anti-virus software. With cybercrime operations becoming more business-oriented, the dark web remains a recruitment venue for threat actors seeking a reliable income. Working for a dark web employer can be a very risky proposition, which is why it is crucial that you understand the risks involved. Here below we have mentioned the key risks that are involved in these jobs:-. It is clear that there are more risks involved with working for an employer on the dark web than there are benefits.
This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 01 Feb 2023 17:13:02 +0000