- SLSH is hiring women to increase the effectiveness of social engineering in IT helpdesks
- Applicants receive between $500 and $1,000 per call, depending on success.
- Participants must pass screening questions and follow a set of written instructions.
The famous hacking group Scattered Lapsus$ Hunters, also known as SLSH, is reportedly recruiting women to improve the effectiveness of its social engineering operations.
Telegram posts dated February 22 and compiled by Dataminr indicate that the group is offering payments between $500 and $1,000 per call, depending on “success and hit rate.”
Applicants must contact the group’s “Support” account, answer screening questions and, if accepted, follow a prepared script during the calls.
Hiring process and call structure.
The goal appears to be to trick IT help desk staff into providing login credentials that can then be used to access corporate networks, which aligns with the group’s known methods of manipulating internal support teams to reset passwords or bypass authentication procedures.
Experts who have followed the calls linked to affiliated actors describe the techniques as structured and effective.
“This recruiting campaign represents a calculated evolution in SLH tactics,” said Jeanette Miller-Osborn, field cyber intelligence officer at Dataminr.
“By specifically targeting female voices, the group likely aims to bypass ‘traditional’ attacker profiles that IT help desk staff may be trained to identify, thereby increasing the effectiveness of their impersonation efforts.”
SLSH’s recent campaign follows previous public recruitment attempts conducted via Telegram.
In October 2025, the group offered $10 worth of Bitcoin to anyone willing to “relentlessly harass” executives of the organizations it was trying to extort.
“You have permission to endlessly harass these executives until they comply with us,” the message said, adding that the activity would be “centralized and well-operated.”
When asked about participation levels, the group claimed it had “pretty much paid over $1,000 at this point,” although that figure could not be independently verified.
The shift toward paid voice spoofing suggests a continued reliance on outsourced participants rather than tightly controlled internal operations.
The recruitment activity comes amid sustained criminal pressure on major brands.
ShinyHunters alleged that it had obtained 1.7 million records from CarGurus and separately claimed Panera Bread as a victim of stolen credentials.
Ransomware attacks have continued to increase in 2025, and gangs have reappeared under new names despite previous disruption efforts.
Miller-Osborn recommends that organizations inform their help desks about these evolving tactics and ensure identities are verified through video calls or secondary internal confirmation.
Strengthening internal firewall rules and enforcing identity theft protection controls could help address this threat.
Additionally, implementing strict malware removal procedures can reduce exposure if credentials are compromised.
Cyber scams continue to thrive despite global raids, and the commercialization of social engineering, with auditions and performance-based pay, shows that criminals rely more on human manipulation than technical intrusion.
Through The Registry
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
