According to researchers, threat actors are using zip files to trick LinkedIn users into executing the More_eggs backdoor.
Microsoft-owned social media for professionals LinkedIn has over 740 million users from 200 countries around the world. This makes it a lucrative target for cybercriminals. In the latest, LinkedIn professionals are being targeted by a phishing campaign that drops More_eggs backdoor.
The Threat Response Unit (TRU) at eSentire, a Waterloo, Ontario-based cybersecurity firm has discovered an ongoing fake jobs spearphishing scam that is infecting the computer systems of LinkedIn users with dangerous and nasty More_eggs backdoor.
How More_eggs backdoor spreads?
In February 2020, Checkpoint researchers reported how attackers were using More_eggs backdoor to target anti-money laundering officers and abused LinkedIn’s messaging services to offer fake job opportunities to spread the malware.
SEE: Hackers set up fake cybersecurity firm to target reaserchers
At that time, attackers posed as staffing companies to send compromised and malicious website links to job seekers and later followed up via emails. In both cases, the aim was to infect victims’ devices with the More_eggs backdoor to steal data.
However, this time, according to eSentire’s blog post, threat actors are using zip files to target victims based on the job description on their LinkedIn profile.
If the Linked ..
Support the originator by clicking the read the rest link below.
