If we may sour the mood for a second, job hunting has become incredibly difficult in the last while. Even before the world was consumed by a pandemic, finding work was a challenge that’s just become even more taxing. So of course that means that crappy individuals would flock to LinkedIn, a place used by many people to search for jobs, to spin up a phishing campaign. The professional social media platform has reportedly been inundated with malware as users report inboxes flooded with messages that sound like tempting job offers but just turn out to be viruses or scammers looking for private information.
eSentire, a cyber-security firm, published a report which laid out the extent of the damage caused by “Golden Chickens”, a strangely named group of hackers looking to harass and potentially harm folks who’re just desperate for employment. It’s similar in effect to a bunch of scammers sending out emails to DStv users thanking them for their loyalty; those were also phishing attempts.
LinkedIn and Locked Out
According to eSentire, scammers are sending LinkedIn users a DM disguised as an individual that looks to offering a job opportunity yet when the message is downloaded, a .zip file is automatically downloaded onto your machine. This file contains a piece of malware that allows the hackers to remotely control your computer. According to eSentire this virus, named “more_eggs”, is particularly dangerous as it, “uses normal Windows processes to run so it is not going to typically be picked up by anti-virus and automated security solutions so it is quite stealthy.”
It’s currently believed that the Golden Chickens group aren’t necessarily facilitating the attacks but rather supplying the malware to others. This is all to say that if you’re busy perusing LinkedIn for work then just be aware of this kind of thing. Employers don’t typically offer jobs through direct messages so keep your eyes open for anything that may seem a little too good to be true.