The Internal Revenue Service headquarters building in the Federal Triangle section of Washington, D.C. Among phishing schemes to emerge recently is one targeting university students with promises of tax refunds. (Photo by Chip Somodevilla/Getty Images)
A series of published reports is cautioning end users and employers to watch out for several newly discovered or trending sneaky social engineering techniques, including the use of personalized job lures, false promises of tax refunds for university staffers and students, and even voice manipulation for vishing campaigns.
Rotten eggs: Golden Chicken group cooks up fake job offers
Experts at the Threat Response Unit at eSentire this week warned in a blog post that the hacking group Golden Chickens is spear phishing business professionals on LinkedIn with fake job offers that appear to perfectly match their expertise and experience, all in an attempt to infect them with a fileless backdoor trojan called more_eggs.
The backdoor, which is sold as a malware-as-a-service offering to affiliate cybercriminal entities including the infamous FIN6, Cobalt Group and Evilnum groups, comes packaged in a malicious zip file with a file name that includes the exact job position that’s listed on the individual target’s LinkedIn profile.
“For example, if the LinkedIn member’s job is listed as Senior Account Executive—International Freight, the malicious zip file would be titled Senior Account Executive—International Freight position (note the ‘position’ added to the end),” the blog post states. “Upon opening the fake job offer, the victim unwittingly initiates the stealthy installation of the fileless backdoor, more_eggs.” Infected individuals are then prone to secondary infections initiated by the MaaS user, including ransomware or credential stealers.
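The naming pattern quoted above (a zip file titled with the recipient's own job title plus "position") can be checked for directly. The following is an added example, not code from eSentire or from the original article; it assumes attachment or download file names are available from a mail gateway or endpoint log and that job titles come from an HR directory, and the addresses, function names and sample records are constructed for illustration.

```python
import re
import unicodedata

def normalize(text):
    """Lower-case, unify dash variants and underscores, collapse punctuation."""
    text = unicodedata.normalize("NFKC", text).lower()
    text = re.sub(r"[\u2010-\u2015\-_]+", " ", text)  # hyphen, en/em dash, underscore
    text = re.sub(r"[^a-z0-9 ]+", " ", text)
    return " ".join(text.split())

def is_title_matched_lure(file_name, recipient_title):
    """True when a zip file is named '<recipient's job title> position'."""
    stem, dot, ext = file_name.rpartition(".")
    if not dot or ext.lower() != "zip":
        return False
    title = normalize(recipient_title)
    return bool(title) and normalize(stem) == title + " position"

def flag_messages(messages, directory):
    """Return (recipient, file_name) pairs whose file name mirrors the
    recipient's own job title, as described in the blog post."""
    hits = []
    for msg in messages:
        title = directory.get(msg["recipient"], "")
        for name in msg["attachments"]:
            if is_title_matched_lure(name, title):
                hits.append((msg["recipient"], name))
    return hits

# Constructed sample data (hypothetical users and file names).
DIRECTORY = {
    "a.lee@example.com": "Senior Account Executive\u2014International Freight",
    "b.kim@example.com": "Payroll Analyst",
}
MESSAGES = [
    {"recipient": "a.lee@example.com",
     "attachments": ["Senior Account Executive\u2014International Freight position.zip"]},
    {"recipient": "a.lee@example.com",
     "attachments": ["Senior_Account_Executive-International_Freight_position.ZIP"]},
    {"recipient": "b.kim@example.com",
     "attachments": ["Q3 invoices.zip", "Payroll Analyst position.pdf"]},
    # Another person's title does not match this recipient's own title.
    {"recipient": "b.kim@example.com",
     "attachments": ["Senior Account Executive\u2014International Freight position.zip"]},
]

if __name__ == "__main__":
    for recipient, name in flag_messages(MESSAGES, DIRECTORY):
        print(f"review: {recipient} received {name!r}")
```

A match is a triage signal for the specific lure described here, not proof of infection; the archive contents still need to be examined.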
While this observed beh ..