Someone is trying to recruit security researchers in bizarre hacking campaign

Summary

Are you willing to hack and take control of Chinese websites for a random person for up to $100,000 a month? Someone is making precisely that tantalizing, bizarre, and clearly sketchy job offer. The person is using what look like a series of fake accounts with avatars displaying photos of attractive women, and sliding into the direct messages of several cybersecurity professionals and researchers on X in the last couple of weeks. “We are recruiting webshell engineers and teams to penetrate Chinese websites worldwide, with a monthly salary of up to $100,000. If you are interested, you can join our channel first,” read the message, which included a link to a Telegram channel. For some reason, I also received this message from an X account named “Look at my homepage,” which had a username, @JerelLayce88010, that looked like it was randomly generated. When I followed the link, I was able to see the admin of the channel, someone who goes by the name “Jack” and has an AI-generated avatar of a pirate. “Are you proficient in penetration technology?” Jack asked me. I am not, but I asked Jack to tell me more about their goals. “Get webshells from Chinese registered domains. There is no specific target. As long as the domain is registered in China, it is our target range,” said Jack, referring to web shells, programs or scripts that hackers can use to control hacked web servers. “You need to understand China’s CMS…” — referring to content management systems, the software that runs the backends of websites — “…find loopholes, and be able to obtain webshells in batches. There is no upper limit to the number we need. The more the better. This is a long-term job. We can establish long-term cooperation.” Yes, but crucially, why? “What I need is China’s traffic,” Jack said, perhaps losing patience with my questions. OK, but, for what? At this point, Jack definitely got tired of my questions and gave me an assignment: Get me three web shells on any domain registered in China so I kno...