National Tourism Strategy 2031 aims to increase the contribution of the UAE tourism sector to the national GDP to Dh450 billion
Professionals in the UAE and worldwide have been advised to be cautious of job offers they receive on LinkedIn because hackers are offering fake jobs on the social media platform to infect them with malware.
The scammers offer fake jobs to infect mobile phones and computers to steal the data of the professionals.
Cybersecurity solutions firm eSentire said its Threat Response Unit (TRU) has found that hacking groups are spearphishing professionals on LinkedIn with fake job offers to infect them with a sophisticated backdoor Trojan.
Backdoor trojans give threat actors remote control over the victim’s computer, allowing them to send, receive, launch and delete files.
“Hackers are spearphishing victims with a malicious zip file using the job position listed on the target’s LinkedIn profile. For example, if the LinkedIn member’s job is listed as Senior Account Executive — International Freight the malicious zip file would be titled Senior Account Executive — International Freight position (note the “position” added to the end),” the Canadian cybersecurity firm said in a note.
“Upon opening the fake job offer, the victim unwittingly initiates the stealthy installation of the fileless backdoor, more_eggs. Once loaded, the sophisticated backdoor can download additional malicious plugins and provide hands-on access to the victim’s computer. The threat group behind more_ eggs, Golden Chickens, sells the backdoor under a malware-as-a-service(MaaS) arrangement to other cybercriminals.
“Once more_eggs is on the victim’s computer system, the Golden Eggs seedy customers can go in and infect the system with any type of malware: ransomware, credential stealers, banking malware, or simply use the backdoor as a foothold into the victim’s network so as to exfiltrate data,” said eSentire, which employs more than 450 people across Canada, the US and the United Kingdom (UK).
So far, the Ontario-based firm said its TRU team has not discovered forensics indicating the identity of the hacking group which is trying to spearphish the LinkedIn members. However, this malware has been used by three notable threat groups FIN6, Cobalt Group, and Evilnum.
-waheedabbas@khaleejtimes.com
National Tourism Strategy 2031 aims to increase the contribution of the UAE tourism sector to the national GDP to Dh450 billion
The Tunisian icon believes tennis still has a way to go to achieve gender equality
Emirati golfers sweep the top three positions in both team and individual categories with Oman and Saudi finishing with silver and bronze medals
Kane Williamson will captain the T20 World Cup squad for a fourth time as New Zealand hunt for a maiden title
Vehicle owners must bring their old plates along to the inspection station
Clean sweep for UAE in golf as the hosts win team gold and Rayan claims individual title