With unemployment on the rise and with a weird COVID-influenced economy, job hunting has become very difficult. LinkedIn has become a tool for a number of job hunters to look for remote jobs or local jobs online. However, things might have become more dangerous due to these job offers now being the target of cyber criminals.
Beware of 'Golden Chickens'
eSentire, a security firm, recently reported how hackers connected to a popular group called the "Golden Chickens" have now been lacing malicious files to job seekers looking for the perfect position. The campaigns involve tricking unsuspecting business professionals into clicking a job offer titled with the position they are searching.
A simple message is slid into the victim's DMs offering rigged .zip files, which had malwares called "more_eggs" that would allow hackers to hijack the victim's devices. Researchers then explained how the attack works.
LinkedIn Malicious Files
According to researchers, if a certain LinkedIn member's job is then listed as a Senior Account Executive-International Freight, the malicious file would then be called "Senior Account Executive-International Freight position. It is important to note the "position" word added to the end.
When the victim opens this file, they would then be given a stealthy installation of a fileless backdoor, more_eggs. This is where the victim's unit would then be compromised and the hackers would do their dirty work.
Job Offer Malware
According to Gizmodo, the "Chickens" probably aren't the ones conducting the said attacks by themselves but are pedaling what would be classified as a MaaS or Malware-as-a-service. This would mean that cybercriminals would purchase the malware from them to do the hacking. The report also notes that the entities behind the campaign are still unclear.
The "more_eggs" backdoor trojan is now basically a program that would allow other massively destructive types of malware to be injected into the device or computer. Once the cybercriminal uses trojan to gain access into a victim's system, they will be able to deploy more critical malware like banking malware, ransomware, or even credential stealers in order to cause more damage to the victim.
Read Also: How to Check if My Facebook Data Have Been Hacked [2021]: 533 Million Accounts Compromised
Unemployed Victims
Sr. Director of TRU or Threat Response Unit at eSentire, Rob McLeod, recently called the activity "partially worrisome" due to the compromise attempts that could potentially hurt businesses and even business professionals. McLeod said that unemployment rates have drastically climbed up since the COVID pandemic which is why it is perfect for cyber criminals to take advantage of those searching for employment.
This is why cybercriminals lure victims with enticing promises during these really troubled times. The troubling cyber attack is now directed at those people searching for a legitimate job online. The psychology behind the cyber attack is to target those desperate to get a job and although some might be cautious, due to desperation, others might still open the corrupted file.
Related Article: Facebook Now Faces $15 Billion Lawsuit Over Tracking Users Through 'Like' Button
This article is owned by Tech Times
Written by Urian Buenconsejo