Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Cyber-criminals are looking for English-speaking hackers skilled at social engineering, as recruitment ads appear to double year-on-year.
Business appears to be booming if you’re a cyber-criminal, with hacker recruitment ads on the darknet practically doubling over the last couple of years.
Posts looking for specialist hacking skills doubled on forums such as Exploit and RAMP from 2023 to 2024, and already in 2025, the volume looks to be doubling again, as job posts have already hit last year’s total, according to new research from cyber security firm ReliaQuest.
“Think of job postings and platforms like LinkedIn or Indeed come to mind. But cybercriminals have their own thriving job market on the dark web,” ReliaQuest said in an August 21 blog post.
“Here, ‘recruiters’ seek specialists with cutting-edge skills, driving adversaries to upskill and act as job seekers in an ecosystem that mirrors legitimate hiring practices.”
Since 2023, the most in-demand skills have been related to cloud security, the Internet of Things, and English-language social engineering experience. However, in 2024 knowledge of AI and deepfakes emerged as a desirable skillset, while in 2025, demand for English speakers surged by a factor of ten.
2025 also saw the job ads looking for individuals skilled with the social engineering technique known as ClickFix, a technique that relies upon tricking victims into running malicious code under the guise of what appears to be a typical CAPTCHA check.
SUB Anatomy of a recruitment post
One April 2025 post on Exploit forum, translated from Russian, advertised a role for an artificial intelligence expert, highlighting the growing interest in integrating AI-powered automation into cyber-crime workflows.
“We are looking for a qualified specialist who will be engaged in the setup, training and integration of artificial intelligence for pentesting tasks on our server infrastructure,” the post said.
The job post goes on to list the responsibilities of the role, which include developing security testing scenarios, performance analysis, and optimisation. The requirements for the role read like a legitimate job ad:
Other similar ads focus on knowledge of cryptocurrency terminology, online availability, and business communications. If you didn’t know otherwise, you’d think you were reading a job posting on Seek.
You can read the full blog post here.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
