• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Hackers Sneak ‘More_Eggs’ Malware Into Resumes Sent to Corporate Hiring Managers

You are here: Home / General Cyber Security News / Hackers Sneak ‘More_Eggs’ Malware Into Resumes Sent to Corporate Hiring Managers
April 21, 2022

Malware Into Resumes

A new established of phishing attacks providing the much more_eggs malware has been observed striking corporate selecting supervisors with bogus resumes as an an infection vector, a yr just after potential candidates hunting for function on LinkedIn ended up lured with weaponized occupation features.

“This yr the additional_eggs procedure has flipped the social engineering script, focusing on choosing professionals with fake resumes alternatively of concentrating on jobseekers with phony work gives,” eSentire’s study and reporting lead, Keegan Keplinger, explained in a statement.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper take secure and enxrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized seller: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


CyberSecurity

The Canadian cybersecurity company said it determined and disrupted four different security incidents, three of which transpired at the close of March. Specific entities include a U.S.-based mostly aerospace organization, an accounting small business found in the U.K., a regulation agency, and a staffing agency, the two dependent out of Canada.

The malware, suspected to be the handiwork of a menace actor called Golden Chickens (aka Venom Spider), is a stealthy, modular backdoor suite able of stealing valuable info and conducting lateral motion across the compromised network.

“A lot more_eggs achieves execution by passing destructive code to reputable windows procedures and permitting these windows processes do the get the job done for them,” Keplinger said. The goal is to leverage the resumes as a decoy to launch the malware and sidestep detection.

CyberSecurity

The purpose reversal in the modus operandi apart, it is really unclear what the attackers had been immediately after in light-weight of the simple fact that the intrusions ended up stopped before they could bring their plans to fruition. But it really is really worth pointing out that extra_eggs, the moment deployed, could be utilized as a jumping off stage for further attacks these as information and facts theft and ransomware.

“The danger actors behind much more_eggs use a scalable, spear-phishing method that weaponizes envisioned communications, this kind of as resumes, that match a selecting manager’s anticipations or position provides, targeting hopeful candidates that match their present-day or past task titles,” Keplinger claimed.

Located this article exciting? Adhere to THN on Facebook, Twitter  and LinkedIn to examine much more special articles we write-up.


Some parts of this write-up are sourced from:
thehackernews.com

Previous Post: «amazon's hotpatch for log4j flaw found vulnerable to privilege escalation Amazon’s Hotpatch for Log4j Flaw Found Vulnerable to Privilege Escalation Bug

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Hackers Sneak ‘More_Eggs’ Malware Into Resumes Sent to Corporate Hiring Managers
  • Hackers Sneak ‘More_Eggs’ Malware Into Resumes Sent to Corporate Hiring Managers
  • Amazon’s Hotpatch for Log4j Flaw Found Vulnerable to Privilege Escalation Bug
  • Five Eyes nations warn against impending Russian cyber attacks
  • Unpatched Bug in RainLoop Webmail Could Give Hackers Access to all Emails
  • Critical Chipset Bugs Open Millions of Android Devices to Remote Spying
  • New Incident Report Reveals How Hive Ransomware Targets Organizations
  • New Incident Report Reveals How Hive Ransomware Targets Organizations
  • REvil ransomware group’s infrastructure comes back online hinting at fresh campaign
  • Five Eyes Agencies Issue Detailed Russian Cyber-Threat Warning

Copyright © TheCyberSecurity.News, All Rights Reserved.