Chinese intelligence operatives are using LinkedIn and other job platforms to target Western professionals with access to sensitive information. An official advisory warns of the coordinated recruitment campaign.
Chinese spies are leveraging professional networking sites to identify and recruit individuals with access to non-public information, according to a newly issued advisory.
The intelligence agencies warn that operatives create fake profiles and personas on LinkedIn to establish relationships with target individuals. Once trust is established, the recruiters attempt to extract sensitive corporate or government data.
The targeting strategy focuses on professionals in technology, defense, finance, and other sectors handling restricted information. Operatives often pose as legitimate recruiters or business contacts, gradually shifting conversations toward requests for proprietary details or classified material.
Common tactics include:
- Offering lucrative job opportunities to build credibility
- Requesting information "for interview preparation" or "market research"
- Exploiting professional curiosity about competitors or industry trends
- Cultivating relationships over months before making direct requests
The advisory recommends professionals verify recruiter identities through official company channels before sharing any information. Users should be cautious of unsolicited job offers with unusually high compensation or vague job descriptions.
Organizations are advised to conduct security awareness training emphasizing the risks of social engineering on public platforms. Employees should report suspicious recruiting activity to their security teams.
This recruitment method represents a shift in espionage tactics, moving beyond traditional hacking to exploit human vulnerability. The use of legitimate business platforms makes detection difficult, as the activity appears indistinguishable from normal professional networking.
No specific number of compromised individuals has been disclosed, though the advisory suggests the campaign is ongoing and widespread.