UAE fake jobs alert: Hackers using LinkedIn to steal data

Professionals in the UAE and worldwide face malware threat from the social media platform

  
Image used for illustrative purpose. A participant uses a laptop computer as he takes part in the Seccon 2016 final competition on January 28, 2017 in Tokyo, Japan.

Getty Images

Professionals in the UAE and worldwide have been advised to be cautious of job offers they receive on LinkedIn because hackers are offering fake jobs on the social media platform to infect them with malware.

The scammers offer fake jobs to infect mobile phones and computers to steal the data of the professionals.

Cybersecurity solutions firm eSentire said its Threat Response Unit (TRU) has found that hacking groups are spearphishing professionals on LinkedIn with fake job offers to infect them with a sophisticated backdoor Trojan.

Backdoor trojans give threat actors remote control over the victim’s computer, allowing them to send, receive, launch and delete files.

“Hackers are spearphishing victims with a malicious zip file using the job position listed on the target’s LinkedIn profile. For example, if the LinkedIn member’s job is listed as Senior Account Executive — International Freight the malicious zip file would be titled Senior Account Executive — International Freight position (note the “position” added to the end),” the Canadian cybersecurity firm said in a note.

“Upon opening the fake job offer, the victim unwittingly initiates the stealthy installation of the fileless backdoor, more_eggs. Once loaded, the sophisticated backdoor can download additional malicious plugins and provide hands-on access to the victim’s computer. The threat group behind more_eggs, Golden Chickens, sells the backdoor under a malware-as-a-service (MaaS) arrangement to other cybercriminals.

“Once more_eggs is on the victim’s computer system, the Golden Eggs seedy customers can go in and infect the system with any type of malware: ransomware, credential stealers, banking malware, or simply use the backdoor as a foothold into the victim’s network so as to exfiltrate data,” said eSentire, which employs more than 450 people across Canada, the US and the United Kingdom (UK).

So far, the Ontario-based firm said its TRU team has not discovered forensics indicating the identity of the hacking group which is trying to spearphish the LinkedIn members. However, this malware has been used by three notable threat groups: FIN6, Cobalt Group, and Evilnum.
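A defensive check built on the naming pattern eSentire describes, as an added example that is not from eSentire or this article: it flags zip attachments whose name is the recipient's own job title followed by "position". The message layout, the directory mapping, the sample data and the function names are assumptions for illustration.

```python
import re
import unicodedata

# Assumption: only zip archives are checked, since that is what the report names.
ARCHIVE_EXTS = (".zip",)

def normalize(text):
    """Fold case, unify dash variants and collapse punctuation and whitespace."""
    text = unicodedata.normalize("NFKC", text).casefold()
    text = re.sub(r"[\u2010-\u2015\-_]+", " ", text)  # hyphens, en/em dashes, underscores
    text = re.sub(r"[^\w\s]", " ", text)               # any remaining punctuation
    return " ".join(text.split())

def is_job_title_lure(filename, job_title):
    """True if filename is '<recipient job title> position' plus an archive extension."""
    lower = filename.lower()
    ext = next((e for e in ARCHIVE_EXTS if lower.endswith(e)), None)
    if ext is None or not job_title.strip():
        return False
    stem = normalize(filename[: -len(ext)])
    return stem == normalize(job_title) + " position"

def flag_attachments(messages, directory):
    """Return (recipient, filename) pairs that match the lure naming pattern.

    messages:  iterable of {"recipient": str, "attachments": [str, ...]}
    directory: recipient -> job title as shown on their public profile
    """
    hits = []
    for msg in messages:
        title = directory.get(msg["recipient"], "")
        for name in msg["attachments"]:
            if is_job_title_lure(name, title):
                hits.append((msg["recipient"], name))
    return hits

# Constructed sample data (not taken from any real incident).
SAMPLE_DIRECTORY = {
    "a.khan@example.com": "Senior Account Executive - International Freight",
    "b.lee@example.com": "Payroll Analyst",
}
SAMPLE_MESSAGES = [
    {"recipient": "a.khan@example.com",
     "attachments": ["Senior Account Executive — International Freight position.zip"]},
    {"recipient": "b.lee@example.com",
     "attachments": ["Q3 payroll report.zip", "Payroll Analyst position.pdf"]},
]

if __name__ == "__main__":
    for recipient, name in flag_attachments(SAMPLE_MESSAGES, SAMPLE_DIRECTORY):
        print(f"review: {recipient} received {name!r}")
```

A match is a reason to quarantine and review the archive, not proof of infection; a legitimate recruiter could use the same file name.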

Khaleej Times: Copyright © 2017 Khaleej Times. All Rights Reserved. Provided by SyndiGate Media Inc. ( www.Syndigate.info ).
