The recruitment efforts of a criminal organization known as The Com are focusing on young individuals, particularly teenagers, to carry out ransomware attacks against major corporations. These job postings, which promise earnings of $300 per successful call paid in cryptocurrency, specifically target females and emphasize that no prior experience is necessary. The organization, which has around 1,000 members and is linked to groups such as Scattered Spider and Lapsus$, has successfully breached over 120 companies since 2022, affecting businesses with a combined market cap exceeding $1 trillion.
Despite the seemingly innocuous nature of these job ads, they mask the true intention of recruiting for illegal activities. The Com thrives on exploiting the technical skills and English fluency of its youthful recruits, while also relying on their naivety and tendency to communicate openly online, which poses risks of detection by law enforcement. Beginning in 2024, several arrests and indictments have highlighted the dangers associated with this organization, including a notable case in which a 20-year-old was sentenced to ten years in federal prison and ordered to pay $13 million in restitution for his involvement.