Phishing attacks are targeting out-of-work users on LinkedIn, creating lures using job titles scraped from the targeted workers’ profiles in an attempt to convince them to open and execute different malicious files or links, according to a new analysis from cybersecurity firm eSentire.
The attack involves a tool known as “more_eggs” — a fileless backdoor program that consists of a script that runs in memory and calls various system functions to compromise the target’s computer. The latest variant of the scheme uses a malicious ZIP archive labeled with the target’s title from LinkedIn and then uses a LNK file to execute.
The attack shows the degree to which attackers — in this case, a group dubbed “Golden Chickens” — are improving personalization and targeting to increase the likelihood of their success, says Rob…