How Hackers Target Job Seekers on LinkedIn

Update: 2021-04-07 13:30 IST

 LinkedIn

LinkedIn is a relatively popular social network for professionals looking for work or connecting with other professionals. Last year, there has been a severe shortage of jobs in many parts of the world. With many people turning to LinkedIn to look for work, it seems like hackers are targeting them with a new phishing campaign.

As per a report from Gizmodo, hackers are using a sophisticated campaign to target users' devices. The report cites research published by eSentire, who provides cybersecurity solutions.

eSentire warned users that a hacking group is targeting "business professionals on LinkedIn with fake job offers in an effort to infect them with a sophisticated backdoor Trojan."

What is a backdoor Trojan? It is a form of malware that gives hackers remote access and control over the victim's computer and allows them to send, receive, initiate, and even delete files.

According to the report, the hackers are connected to a group called Golden Chickens.

How do hackers target LinkedIn users?

Hackers send a DM or direct message to a user with some job offer. The offer is bogus but comes attached with a Zip file or has an attachment with the extension .zip. The .zip file has hidden malware that helps hackers target and control the victim's device. eSentire explains how the whole process is carried, "If the LinkedIn member's job is listed as Senior Account Executive—International Freight, the malicious zip file would be titled Senior Account Executive—International Freight position (note the "position" added to the end)."

"Upon opening the fake job offer, the victim unwittingly initiates the stealthy installation of the fileless backdoor, more_eggs," the report further adds.

The more_eggs malware, as per Rob McLeod, senior director, eSentire, is particularly problematic as it has three elements that make it a "formidable threat to businesses and business professionals." It's dangerous as the malware is hard to pick up by anti-virus tools and other security solutions. "Since the COVID pandemic, unemployment rates have risen dramatically. It is a perfect time to take advantage of job seekers who are desperate to find employment. Thus, a customized job lure is even more enticing during these troubled times," explained Rob McLeod.

According to Gizmodo, LinkedIn made a statement to them about the issue. "Millions of people use LinkedIn to search and apply for jobs every day — and when job searching, safety means knowing the recruiter you're chatting with is who they say they are, that the job you're excited about is real and authentic, and how to spot fraud. We don't allow fraudulent activity anywhere on LinkedIn. We use automated and manual defences to detect and address fake accounts or fraudulent payments. Any accounts or job posts that violate our policies are blocked from the site," said LinkedIn in a statement to Gizmodo.

Tags:    

Similar News