LinkedIn job offer cannot be trusted anymore, scammers use them to infect phone and computers, steal data

As per security firm eSentire, a group of cybercriminals has found new targets in job seekers on Linkedin.

COVID-19 has not only caused a health scare but has also severely impacted the economy. Scores of people have lost their jobs because companies couldn’t keep the show running during the coronavirus-induced lockdown. Even though the lockdown has been lifted now, the companies are struggling to get back on their feet. And just when people thought that COVID-19 has loosened its grip, It is back to wreak havoc again. Meanwhile, Linkedin has become a ray of hope for job hunters. But some cybercriminals are taking advantage of the job seekers by sending them malware masked as job openings. As per security firm eSentire, a group of cyberattackers has found new targets in job seekers on Linkedin. The group which is called “Golden Chickens” has found a rather innovative way of tricking people to click on their malicious links, that further installs the malware in the victim’s device. The report states that the professionals on LinkedIn are being tricked to click on job offers that are titled the same thing as their current designation. “For example, if the LinkedIn member’s job is listed as Senior Account Executive—International Freight the malicious zip file would be titled Senior Account Executive—International Freight position (note the “position” added to the end). Upon opening the fake job offer, the victim unwittingly initiates the stealthy installation of the fileless backdoor, more_eggs. Once loaded, the sophisticated backdoor can download additional malicious plugins and provide hands-on access to the victim’s computer,” eSentire research team states.