If you’re a developer actively looking for your next role, you need to read this. The Olinio recruiting team warns of a sophisticated wave of job offer scams specifically targeting software developers. The trap is disguised as something entirely routine: a coding challenge.
The Threat Is Real, and It’s Growing
Cybersecurity specialists have uncovered a dangerous campaign that has been active since at least May 2025. North Korean threat actors are creating fake companies in the blockchain and crypto-trading sectors and posting convincing job listings on major platforms. These aren’t poorly written scam emails. They look professional, credible, and entirely legitimate. Once a developer applies and moves through the hiring process, they’re sent what appears to be a standard technical assessment: a project to run, debug, or improve. The attacker’s purpose, however, is simply to make the applicant run the code in order to infect their computer.
How the Attack Actually Works
The campaign relies on packages published to the npm and PyPI registries that act as downloaders for a Remote Access Trojan (RAT). Once executed, the RAT gives attackers alarming levels of access. It can list running processes on the host, execute arbitrary commands from a remote command-and-control server, and exfiltrate files from the victim’s machine. Multiple variants written in JavaScript, Python, and VBS have been found, showing an intention to target developers across different tech stacks.
Why Developers Are Being Targeted
Developers are a high-value target. They typically have access to company codebases, internal systems, cloud environments, and sensitive credentials. By compromising just one developer’s machine, attackers can potentially gain a foothold in an entire organisation. The fake job scenario is particularly effective because it exploits something developers fully expect during a legitimate hiring process. Running a test project is standard practice. It doesn’t raise the same alarm bells as a suspicious email attachment. That’s precisely what makes these job scams so dangerous. They’re engineered to feel familiar.
Red Flags to Watch for in Fake Online Job Lists
Knowing what to look for can make all the difference. Be cautious if you encounter any of the following:
- Job listings that appear on social media but link to companies with no verifiable web presence or history.
- Recruiters who skip phone or video calls and move unusually fast through stages.
- Companies operating in high-pressure sectors like crypto or blockchain that you’ve never heard of.
- Any technical assessment that requires cloning a repository and running code locally on your own machine, rather than using a browser-based IDE or sandboxed environment.
- Vague company details, generic job descriptions, or tight artificial deadlines on tasks.
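A pre-run triage script that applies two points from above: the packages arrive as npm/PyPI downloaders, and an assessment should be inspected before anything is executed on your own machine. This is an added example, not Olinio's or the researchers' tooling; it assumes an npm or pip project, and it assumes that install-time scripts and off-registry dependency fetches are the mechanisms worth flagging, which the post itself does not detail.

```python
"""Pre-run triage for a take-home coding assessment (constructed example, not Olinio's tooling).
Flags install-time code and off-registry dependencies, the two hooks a downloader package relies on."""
import json
import re
from pathlib import Path

# npm lifecycle scripts that `npm install` executes without asking.
NPM_INSTALL_HOOKS = {"preinstall", "install", "postinstall", "prepare"}
# Dependency specs that bypass the registry: git, URL, tarball, local path.
NON_REGISTRY_SPEC = re.compile(r"^(git\+|github:|https?://|file:|\.{0,2}/)|\.(tgz|tar\.gz)$")
# requirements.txt lines that fetch from arbitrary hosts or run a local setup.py (-e).
PIP_FETCH = re.compile(r"(^-e\s|^--(extra-)?index-url|^--find-links|git\+|https?://)")

# Constructed sample of what a booby-trapped assessment's package.json might contain.
SAMPLE_PACKAGE_JSON = json.dumps({
    "name": "trading-dashboard-assessment",
    "scripts": {"postinstall": "node scripts/setup.js", "test": "jest"},
    "dependencies": {"express": "^4.18.0",
                     "chart-utils": "git+https://example.invalid/org/chart-utils.git"},
})

def audit_package_json(text: str) -> list[str]:
    """Return human-readable findings for one package.json body."""
    pkg, findings = json.loads(text), []
    for hook, cmd in pkg.get("scripts", {}).items():
        if hook in NPM_INSTALL_HOOKS:
            findings.append(f"npm: '{hook}' runs at install time: {cmd}")
    for field in ("dependencies", "devDependencies", "optionalDependencies"):
        for name, spec in pkg.get(field, {}).items():
            if NON_REGISTRY_SPEC.search(spec):
                findings.append(f"npm: {name} is not a registry version: {spec}")
    return findings

def audit_requirements(text: str) -> list[str]:
    """Return findings for one requirements.txt body (comments ignored)."""
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line and PIP_FETCH.search(line):
            findings.append(f"pip: fetches outside PyPI or runs local code: {line}")
    return findings

def triage(repo: Path) -> list[str]:
    """Walk a cloned repo and collect findings before any command is run."""
    findings = []
    for pj in repo.rglob("package.json"):
        if "node_modules" not in pj.parts:
            findings += [f"{pj.relative_to(repo)}: {f}" for f in audit_package_json(pj.read_text())]
    for req in repo.rglob("requirements*.txt"):
        findings += [f"{req.relative_to(repo)}: {f}" for f in audit_requirements(req.read_text())]
    return findings
```

It only reads manifests and never runs the project, so pair it with the sandboxed environment the checklist recommends rather than treating an empty report as a clean bill of health.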