How hackers use LinkedIn to target users with fake job postings

For professionals looking for work or connecting with others, LinkedIn is a very popular social network. There has been a serious job crisis in many parts of the world over the past year. Since a lot of people turn to LinkedIn to look for jobs, it looks like this hacker target them with a new phishing campaign.
According to a report by Gizmodo, hackers are using an elaborate campaign to target users’ devices. The report cites a study published by eSentire, a Online Safety Solution provider.
eSentire warned users that a hacking group was “targeting business professionals on LinkedIn with fake job offers in order to infect them with a sophisticated backdoor Trojan.”
What is a backdoor trojan? It’s a form of Malware This gives hackers remote access and control of the victim’s computer and can send, receive, launch and even delete files.
The hackers are linked to a group called the Golden Chickens, according to the report.

How do hackers target LinkedIn users?

The hackers send a DM or direct message to a user with a job offer. The offer is fake but comes with a zip file or an attachment with a .zip extension. The zip file contains a hidden malware that allows hackers to target and control the victim’s device. eSentire explains how the whole process works: “If the LinkedIn member’s job is listed as

Senior Account Executive – International Freight

The malicious zip file would be titled

Senior Account Executive – International Freight Position (see “Position” added at the end). ”

When opening the fake job offer, the victim unintentionally instigates the clandestine installation of the fileless backdoor more_eggs, ”adds the report.
More_eggs malware is of particular concern, according to Rob McLeod, senior director of eSentire, because it contains three elements that make it “a formidable threat to businesses and businesses”. This is dangerous as the malware is difficult to detect by antivirus tools and other security solutions. “Since the COVID pandemic, unemployment rates have risen dramatically. It’s a perfect time to take advantage of job seekers who are desperate for work. So having a bespoke job bait is even more enticing in these tough times, ”explained McLeod.
According to Gizmodo, LinkedIn gave them a statement about the issue. “Millions of people use LinkedIn every day to search and apply for jobs. When looking for a job, security means knowing that the recruiter you are chatting with is who they say is the job you look forward to is real and authentic. and how to spot fraud. We do not allow fraudulent activity on LinkedIn. We use automated and manual defenses to detect and fix fake accounts or fraudulent payments. Any accounts or vacancies that violate our policies will be blocked from the site, ”LinkedIn said in a statement to Gizmodo.


Leave a Reply