KUALA LUMPUR (Oct 22): A criminal organisation thought to have built the software that shut down a U.S. fuel pipeline has set up a fake company to recruit potential employees.

In a report Thursday, the Wall Street Journal (WSJ), citing researchers at the intelligence firm Recorded Future and Microsoft Corp said the fake company is using the name Bastion Secure.

WSJ said on a professional-looking website, the company says it sells cybersecurity services.

But the site’s operator is a well-known hacking group called Fin7, Recorded Future and Microsoft say.

Fin7 is believed to have hacked hundreds of businesses, stolen more than 20 million customer records and written the software used in a hack that disrupted gasoline delivery in parts of the Southeastern U.S., federal prosecutors and researchers say.

WSJ said the Bastion Secure website, which uses the logo BS, has listed jobs that are technical in nature and appear similar to work that would be performed at any security company—programmers, system administrators and people who are good at finding bugs in software.

It said the attempt to impersonate a legitimate company for recruiting purposes represents a new development by purveyors of ransomware to grow and spread a scourge that has disrupted meat production, hospital care, education and hundreds of businesses.

Citing security researchers, the report said with hundreds of millions of dollars in illegal earnings, ransomware operators are increasingly operating like criminal startups with professionalised support staff, software development, cloud-computing services and media relations.

It added that Emails to an address listed on the Bastion Secure website went unanswered.

Meanwhile, a phone call to an Israeli number listed on the site was answered by a Russian-speaking man, it said.