Recruitment Phishing Scam Imitates CrowdStrike Hiring Process

This CrowdStrike report details a phishing campaign using a fake recruitment CRM (cscrm-hiring.com) that distributes a malicious installer which fetches XMRig and a configuration file, installs persistent copies of the miner and downloader (via file drops, a startup batch, and a Run registry entry), and connects to an attacker-controlled mining pool; the report provides network and host IOCs (domains, IPs, URLs, SHA-256 hashes, file paths, registry keys) and advises vigilance, employee education, and endpoint/network monitoring.