Today’s cybercrime organizations are increasingly functioning as legitimate enterprises, advertising job openings on the dark web and luring prospective employees with attractive monthly salaries, benefits, and vacation time.
According to a new Kaspersky report published by Securelist that analyzed 200,000 job ads posted on 155 dark websites between March 2020 and June 2022, hacking groups and APT(Advanced Persistent Threat) groups were primarily interested in hiring software developers, around 61% of all ads and were willing to offer very attractive salaries and benefits to do so.
Kaspersky researchers found a monthly compensation of $20,000 for the best-paying position they came across, while attack specialists were offered a maximum of $15,000.
In addition to data analysts, malware and tool developers, initial compromise actors, reverse engineers, website and phishing email designers, malware testers, and IT administrators, hacking groups are always on the lookout for people to cover a wide variety of other positions.
Kaspersky looked at the pay range for IT workers and found that it was between $1,300 and $4,000 per month, with designers making the least and reverse engineers making the most.
What can $4K get you on the #darkweb? Quite a bit, including a #ReverseEngineer.
See what else we found analyzing the dark web job market 👉 https://t.co/Tj2n4eP7R3 pic.twitter.com/bKhQQqiBUU
— Kaspersky (@kaspersky)
Out of all those jobs, almost one-third of the openings were for full-time jobs, and the same number of them let applicants choose their own hours.
Some dark web employers even go so far as to offer paid vacation and sick days to their remote staff.
These “employment” packages are highly competitive when compared to similar jobs in the legal industry and could attract unemployed professionals or young IT grads who are having problems finding work.
Even though there are benefits to working for an employer on the dark web, Kaspersky says that the risks are still greater than the benefits.
To name a few, employers are not liable for anything if they don’t have a signed contract with an employee, while a worker can be wrongfully accused, not compensated, or swept up in a fraudulent operation.
As per the report, Q1 of 2020 saw the highest number of ads posted, coinciding with the major workforce shifts brought on by the COVID-19 epidemic. The second uptick occurred in the time span between the fourth quarter of 2021 and the first quarter of 2022.
What is more interesting is that the recruiting process for these jobs is quite structured and follows proper industrial standards. Before giving someone a job, cybercriminal recruiters often make them take tests designed to see how knowledgeable they are in relevant areas. Occasionally, recruiters will additionally examine the candidate’s resume or portfolio. A job seeker is invited for an interview for only about one in four posted positions. Kaspersky typically spotted job postings that stated a test assignment would be worth around $300 in bitcoin.
In another posting, the candidate was asked to encrypt a test DLL within 24 hours so that antivirus software couldn’t find it which was part of a multi-stage screening process.
Due to the fact that cybercrime is becoming more professional, threat actors will continue to use the dark web as a regular source of income. However, Kaspersky’s report warns of key research findings that these jobs are indeed very appealing for people who have been subjected to the unfair abuse of political unrest, a bad economy, or a lack of jobs in their field of interest; these openings may appear to be a lifeline. There are, however, a lot of risks that come with working for an employer on the dark web. These risks can range from being scammed to being wrongly accused, arrested, tried, and sent to prison.
This content was originally published here.