- SLSH is recruiting ladies to extend effectiveness of social engineering on IT helpdesks
- Candidates are paid between $500 and $1,000 per name relying on success
- Contributors should cross screening questions and observe a scripted set of directions
The infamous hacker group Scattered Lapsus$ Hunters, also called SLSH, is reportedly recruiting ladies to enhance the effectiveness of its social engineering operations.
Telegram posts dated February 22 and picked up by Dataminr point out the group is providing funds between $500 and $1,000 per name, relying on “success and hit charge.”
Candidates are instructed to contact the group’s “Assist” account, reply screening questions, and, if accepted, observe a ready script throughout calls.
Recruitment course of and name construction
The target seems to be to deceive IT assist desk employees into offering login credentials that may later be used to entry company networks, which aligns with the group’s recognized strategies of manipulating inner assist groups into resetting passwords or bypassing authentication procedures.
Consultants who’ve monitored calls linked to affiliated actors describe the methods as structured and efficient.
“This recruitment drive represents a calculated evolution in SLH’s techniques,” mentioned Jeanette Miller-Osborn, discipline cyber intelligence officer at Dataminr.
“By particularly searching for feminine voices, the group probably goals to bypass the ‘conventional’ profiles of attackers that IT assist desk employees could also be skilled to determine, thereby growing the effectiveness of their impersonation efforts.”
SLSH’s current marketing campaign follows earlier public recruitment makes an attempt performed by way of Telegram.
In October 2025, the group supplied $10 in Bitcoin to anybody keen to “endlessly harass” executives at organizations it was trying to extort.
“You’ve gotten permission to endlessly harass these executives until they adjust to us,” the message acknowledged, including the exercise can be “centralized and effectively operated.”
When questioned about participation ranges, the group claimed it had “virtually paid out over $1,000 at this level,” though that determine couldn’t be independently verified.
The shift towards paid voice impersonation suggests continued reliance on outsourced individuals moderately than tightly managed inner operations.
The recruitment exercise comes amid sustained felony stress on main manufacturers.
ShinyHunters alleged it had obtained 1.7 million CarGurus records and individually claimed Panera Bread as a victim of stolen credentials.
Ransomware assaults have continued to rise in 2025, with gangs reappearing beneath new names regardless of prior disruption efforts.
Miller-Osborn recommends that organizations make their assist desks conscious of those evolving techniques and guarantee identities are verified by way of video calls or secondary inner affirmation.
Strengthening inner firewall guidelines and implementing identity theft protection controls may assist deal with this menace.
Additionally, implementing strict malware removal procedures could scale back publicity if credentials are compromised.
Cyber scams continue to thrive regardless of international raids, and the commercialization of social engineering, with auditions and performance-based pay, exhibits criminals rely extra on human manipulation than on technical intrusion.
Through The Register
Follow TechRadar on Google News and add us as a preferred source to get our professional information, critiques, and opinion in your feeds. Be sure to click on the Observe button!
And naturally you can too follow TechRadar on TikTok for information, critiques, unboxings in video type, and get common updates from us on WhatsApp too.
