There is a new hacking campaign going on and Security firm, eSentire is warning users. According to the firm, this hack cruelly takes advantage of users seeking jobs to hack company networks. A hacking group known as Golden Chickens is behind the scheme and perpetrates this spearfishing attack. They send false job offers to specific targets using the information that they have provided on their LinkedIn profile.
For example, an Associate or Assistant Professor could receive a zip file with the title “Professor Position”. This is a “juicy offer” but the zip file contains the more_eggs trojan. Once the target falls for the bait and opens the zip folder, it automatically installs the more_eggs trojan on their PC.
With this trojan, the hacker will have salient access to the user’s PC. They can even download more extensions and plugins from here. Furthermore, this trojan works in a surreptitious manner and runs normally on windows.
Golden Chickens works for financial gains
Actually, Golden Chickens hack are strictly for financial benefits. They sell their hacks as malware-as-a-service to anyone who has a target. According to Rob McLeod, Sr. Director of the Threat Response Unit (TRU) for eSentire, this type of phishing will be more effective now considering the current economic climate.
In a statement Microsoft, who owns LinkedIn, said:
Millions of people use LinkedIn to search and apply for jobs every day — and when job searching, safety means knowing the recruiter you’re chatting with is who they say they are, that the job you’re excited about is real and authentic, and how to spot fraud. We don’t allow fraudulent activity anywhere on LinkedIn. We use automated and manual defenses to detect and address fake accounts or fraudulent payments. Any accounts or job posts that violate our policies are blocked from the site.
To this end, no matter how attractive the cover letter is, PC users should be careful what file they open. To read the full eSentire report, click here.
In our today’s world, hacking is quite common. Both the company and users have to be very careful. Recently, a report shows that no less than 530 million Facebook users had their personal information leaked online. This information includes full name, phone number, location, and other details. Interestingly, the hackers did this for free.