A new campaign has been observed to target job hunters seeking opportunities via Linkedin. A threat group named Golden Chickens is allegedly behind the campaign, which creates fake job offers to lure professionals into downloading a backdoor Trojan called more_eggs. The spear-phishing campaign was discovered by researchers at eSentire. The phishing emails lure the target into clicking on a malicious .ZIP file by using social engineering tactics such as using the victim’s current job title to make the messages more convincing.
After opening the fake job offer, the victim’s device is compromised by the fileless backdoor more_eggs, which features stealthy installation tactics. More_eggs can then fetch additional malware and provide access to the victim’s system. the Golden Chickens group also advertises more_eggs as malware-as-a-service to other cybercriminals, who use the software to install other types of malware, credential steals, and ransomware, according to eSentire.
Read More: LinkedIn Spear-Phishing Campaign Targets Job Hunters
