Hackers hide malware in fake LinkedIn job offers, according to new report released by security company ESentire. The company's Threat Unit (TRU) has discovered that cybercriminals are hiding malicious zip files in fake job offers, on the popular social network, in a new form of spear phishing attack.
"For example, if a LinkedIn user's job is listed as Senior Account Executive - International Freight, the malicious zip file will be titled Senior Account Executive - International Freight position (note the" position "added at the end).
Thus, the victim unknowingly starts installing the backdoor trojan "more_eggs". Banking trojan is a program that allows other, more destructive types of malware to load on the system of a device or a computer. Once a hacker uses the trojan to gain ground in the victim's system, he can develop ransomware, banking malware or "thieves" credentials, to cause more chaos to his victim.
The malware displays one "Fraudulent" Word document to the victim, which looks like a job application, but in fact serves "no functional purpose". It does this while violating legitimate Windows procedures, allowing malware to gain access to the victim's computer. "It is simply used to distract the victim from the tasks performed by more_eggs", the company pointed out.
Robb McLeod, senior director of TRU, said the malware is "Terrible threat to businesses and professionals". It is not obtained from regular anti-virus software and security solutions, as it uses normal Windows procedures. Users are also more likely to download malware, as it is hidden inside a job post they are already interested in.
Finally, eSentire noted the following: "It's the perfect opportunity for hackers to exploit people who are desperate to find work. "Thus, a customized work ethic is even more tempting, especially in this time of crisis brought about by the COVID-19 pandemic."
Source of information: livemint.com