Alamy Image
Dubai - UAE professionals and worldwide face malware threat from the social media platform.
Professionals in the UAE and worldwide have been advised to be cautious of job offers they receive on LinkedIn because hackers are offering fake jobs on the social media platform to infect them with malware.
The scammers offer fake jobs to infect mobile phones and computers to steal the data of the professionals.
Cybersecurity solutions firm eSentire said its Threat Response Unit (TRU) has found that hacking groups are spearphishing professionals on LinkedIn with fake job offers to infect them with a sophisticated backdoor Trojan.
Backdoor trojans give threat actors remote control over the victim’s computer, allowing them to send, receive, launch and delete files.
“Hackers are spearphishing victims with a malicious zip file using the job position listed on the target’s LinkedIn profile. For example, if the LinkedIn member’s job is listed as Senior Account Executive — International Freight the malicious zip file would be titled Senior Account Executive — International Freight position (note the “position” added to the end),” the Canadian cybersecurity firm said in a note.
“Upon opening the fake job offer, the victim unwittingly initiates the stealthy installation of the fileless backdoor, more_eggs. Once loaded, the sophisticated backdoor can download additional malicious plugins and provide hands-on access to the victim’s computer. The threat group behind more_ eggs, Golden Chickens, sells the backdoor under a malware-as-a-service(MaaS) arrangement to other cybercriminals.
“Once more_eggs is on the victim’s computer system, the Golden Eggs seedy customers can go in and infect the system with any type of malware: ransomware, credential stealers, banking malware, or simply use the backdoor as a foothold into the victim’s network so as to exfiltrate data,” said eSentire, which employs more than 450 people across Canada, the US and the United Kingdom (UK).
So far, the Ontario-based firm said its TRU team has not discovered forensics indicating the identity of the hacking group which is trying to spearphish the LinkedIn members. However, this malware has been used by three notable threat groups FIN6, Cobalt Group, and Evilnum.
-waheedabbas@khaleejtimes.com