According to researchers, hackers are spear phishing victims with a malicious zip file named after the job position listed on the target’s LinkedIn profile.
According to researchers at eSentire, a group of hackers is spear phishing professionals on LinkedIn with bogus job offers to gain remote control of the victim’s computer.
Spear phishing is an email or electronic communication scam in which a victim receives an email that leads them to a bogus website infected with malware. The aim of the attack is to steal data or install malware on the victim’s device.
According to researchers, hackers are spear phishing victims with a malicious zip file named after the job position listed on the target’s LinkedIn profile. For example, if the LinkedIn member’s position is listed as Senior Account Executive – International Freight, the malicious zip file will be titled Senior Account Executive – International Freight position.
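The naming pattern described above lends itself to a mail-gateway check: flag any .zip attachment whose name is the recipient's own job title followed by "position". The sketch below is an added example, not code from eSentire or the original article; the message structure, the directory mapping, the addresses and the second job title are constructed assumptions.

```python
import re
import unicodedata

LURE_SUFFIXES = {"position"}  # trailing word the article reports after the title

def tokens(text):
    """Casefold and split on non-alphanumerics, so the en dash in a profile
    title and '-' or '_' in a file name compare equal."""
    folded = unicodedata.normalize("NFKC", text).casefold()
    return re.findall(r"[^\W_]+", folded)

def is_job_title_lure(attachment_name, job_title):
    """True for a .zip named '<recipient's job title> position'."""
    stem, dot, ext = attachment_name.rpartition(".")
    if not dot or ext.casefold() != "zip":
        return False
    name, title = tokens(stem), tokens(job_title)
    if not title or name[:len(title)] != title:
        return False
    rest = name[len(title):]
    return len(rest) == 1 and rest[0] in LURE_SUFFIXES

def flag_messages(messages, directory):
    """Return (recipient, attachment) pairs matching the recipient's own title."""
    hits = []
    for msg in messages:
        title = directory.get(msg["to"])
        if title is None:
            continue  # no title on record for this recipient
        hits += [(msg["to"], a) for a in msg["attachments"]
                 if is_job_title_lure(a, title)]
    return hits

# Constructed sample data (addresses and the second title are made up).
DIRECTORY = {
    "a.rao@example.com": "Senior Account Executive – International Freight",
    "j.lee@example.com": "Payroll Analyst",
}
MESSAGES = [
    {"to": "a.rao@example.com",
     "attachments": ["Senior_Account_Executive-International_Freight_position.ZIP"]},
    {"to": "j.lee@example.com",
     "attachments": ["Senior Account Executive – International Freight position.zip"]},
    {"to": "a.rao@example.com", "attachments": ["Q3 freight rates.zip"]},
]

if __name__ == "__main__":
    for recipient, name in flag_messages(MESSAGES, DIRECTORY):
        print(f"review: {recipient} received {name!r}")
```

Only the first message is flagged: the second carries the same file name but the recipient's title differs, which is what separates a tailored lure from an ordinary attachment.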
Once a user opens the bogus job posting, they initiate the installation of a fileless backdoor called “more_eggs”. Once loaded, the backdoor Trojan may download additional malicious plugins and provide convenient access to the victim’s computer.
In addition, it can infect the system with any kind of malware, including ransomware, credential stealers and banking malware, or the backdoor can simply be used as a jumping-off point in the victim’s network in order to exfiltrate data.
More_eggs presents a significant threat to businesses because it uses normal Windows processes to run, which means it will generally not be detected by automated antivirus and security solutions.
Cybercriminals are taking advantage of the rise in unemployment since the COVID pandemic. Luring job seekers is more attractive in these times.