Advertisements

Fake LinkedIn Job Offers Infect with Malware

If you usually use the LinkedIn social network to look for a job you should be careful with some false job offers that seek to infect the devices of their victims with malware.

Advertisements
Share Give it a Spin!
RSS
Follow by Email
Twitter
LINKEDIN

If you usually use the LinkedIn social network to look for a job you should be careful with some false job offers that seek to infect the devices of their victims with malware.

A team of researchers from security firm Proofpoint has discovered a malicious campaign that spreads malware through LinkedIn messages with false job offers. Extreme caution, check carefully the communications that come to this chat and distrust any message sent by an unknown sender.

LinkedIn is the professional social network par excellence, and for this reason no user is strange to receive a contact request from a company or a human resources professional who is interested in your profile.

However, it is better that from now on, you should carefully review contact requests for these characteristics, because a campaign has been detected using LinkedIn’s messages to send fake job offers with which to infect victims with malware.

According to the Proofpoint report, attackers use a JavaScript-based backdoor known as More_eggs to infect users’ computers. Once the malware is installed, cybercriminals can control the compromised computer remotely.

The first step is to send a direct message from LinkedIn, which usually contains a fake job offer with a malicious link. The link points to a fake website of a legitimate recruitment company, which automatically starts the download of a Microsoft Office document created with the Taurus Builder tool. Afterwards, this document will attempt to download and execute the load of More_eggs to infect the computer.

To avoid being a victim of this type of malicious campaigns, check carefully the private messages of LinkedIn. If someone you do not know attaches a link to the website of a company, it is best that you look for your legitimate address and access it on your own, especially if the links that you provide are shortened and can not be recognized.

Advertisements