Summary

Malware distributors can be pretty heartless.

They usually target people when they’re most vulnerable to ensure their payloads do the maximum damage.

What Is the Warmcookie Malware?

new WhatsApp privacy feature

Warmcookie finds its way onto PCs after a victim is infected with a malicious app.

The app downloads a Warmcookie DLL that creates a process in Windows that triggers every 10 minutes.

Once it’s on someone’s PC, it sends information back to its host.

woman searching for job with alert symbol

myboys.me/iChannn/SkillUp/Shutterstock

Warmcookie, by itself, is pretty standard fare when it comes tospyware.

What makes it particularly nefarious is how it gets on your box in the first place.

How Does Warmcookie Spread to Jobseekers?

A fake Warmcookie Captcha

Elastic

In this case, the malware developer is acting upon the emotional rollercoaster of job hunting.

They prey on people who are likely desperate to land a job by giving them a fake job offer.

Once the job seeker enters the CAPTCHA, the client downloads a Javascript file that contains Warmcookie.

A screenshot taken by Warmcookie

Elastic

From there, the malware can get to work.

What Does Warmcookie Do After Infecting a Computer?

If asked to, it can install apps and services on the target computer without the victim’s knowledge.

A fake email spreading Warmcookie

Elastic

Other malware distributors use job boards to post fake adverts and trick people who sign up for them.

If in doubt, ask your manager or HR about the email to see if it’s legitimate.

You may bring to light a social engineering ploy targeting the company where you work.

If you’re applying for jobs, job boards are a good way to find work.

However, you gotta double-check the companies you’re applying to before you send off your resume.

Ensure they fit the bill, look professional, and have been around for a good while.

Check outhow to identify and avoid job posting scamsfor more information.