A new set of phishing attacks delivering the more_eggs malware has been seen hitting corporate hiring managers with fake resumes as an infection vector, a year after potential job seekers on LinkedIn were lured with bogus job offers.
While we remember, Golden Chickens has been active for a while now and the same goes for its more_eggs malware since a while ago there was a spear-phishing campaign targeting professionals on LinkedIn with fake job offers, according to a group of researchers. .
These threat actors have previously sent phishing emails attempting to trick victims into clicking on a malicious .ZIP file offering a job by making it look like a legitimate offer but… This is of course false.
This time, they are targeting hiring managers with bogus resumes instead of targeting job seekers with bogus job postings.
Canadian cybersecurity company eSentire said it has identified and disrupted four separate security incidents, three of which occurred in late March. Target entities include a US-based aerospace company, a UK-based accounting firm, a law firm and an employment agency, both based in Canada.
The threat actors behind more_eggs use a scalable spear-phishing approach that weaponizes expected communications, such as resumes, that match a hiring manager’s expectations or job offers, targeting hopeful candidates that match their current job titles.
