A cybersecurity firm found out that hackers are taking advantage of LinkedIn to spear-phish victims with fake job offers.
These bad actors target business professionals on the platform to insert sophisticated backdoor Trojan in the guise of a tempting job offer. Said trojan, dubbed more_eggs, allows hackers control over the victim’s computer – may it be to send, receive, open, and delete files or data – without the latter’s knowledge.
They simply launch it by sending a zip file renamed in a job position according to the target’s LinkedIn profile. If fully installed, they can infect the target’s computer whatever they wish with any kinds of malware: ransomware, and banking malware, among others.
This kind of spear-phishing is effective due to the ongoing COVID-19 pandemic, wherein unemployment rates have risen rapidly. According to RobMcLeod, Sr. Director of the Threat Response Unit (TRU) for eSentire, the timing is apt to take advantage of job seekers desperate to find employment during these troubled times.
The unscrupulous group behind more_eggs is called Golden Chickens, which sells the back door under a malware arrangement to other cybercriminals.