A recent malware campaign has been uncovered, targeting victims in Europe and the Middle East through LinkedIn spear-phishing messages. The targets are in the aerospace and military fields, and the attackers are impersonating human resource employees from Collins Aerospace and General Dynamics. Targets receive messages advertising fake job offers that include malicious documents that exfiltrate data from the device.
The spear-phishing messages on LinkedIn are part of a larger campaign called Operation In(ter)ception, which targeted similar victims. The primary goal of the attacks is believed to be espionage, however, in at least one instance the attackers attempted to utilize a compromised email account in a business email compromise (BEC) attack.
Read More: LinkedIn ‘Job Offers’ Targeted Aerospace, Military Firms With Malware