After fake emails, fake calls, and fake messages, hackers are using a new way to trap victims and make them install malware on their PCs.
By now, you've got a good idea of how a hacker will try to harm you. Generally, they will send you an email with a link to a fake website, or directly launching the download of malware. For this to work, the message must encourage you to click, and there is no shortage of ways to do this. Your bank advisor explaining that your account is in danger and that you need to act quickly, a family member or friend who has an emergency...
However, there are more subtle ways to do it. Some cybercriminals will post fake job offers to get you to install malware. But as potential victims are increasingly suspicious, you have to find something else. Unfortunately for us, hackers have a lot of imagination. Cybersecurity experts at DomainTools have discovered how the FIN6 group, or Skeleton Spider, has been operating for some time.
Here's how hackers are trapping new victims; they'll stop at nothing
It's simple: instead of playing recruiters, they play job seekers. The criminal will first locate a job opening through traditional means and contact the person in charge via the job posting site Indeed or the social network LinkedIn.
Once the conversation has started, they ask to send their resume by email. The message contains a non-clickable web address to an online resume. This helps avoid detection by anti-malware tools.
The recruiter then types the address manually into their browser and arrives at a page where they must complete a CAPTCHA to start downloading an archive containing the CV. Obviously, malware is there, in this case called More Eggs. It can steal data, execute commands remotely, or even install other programs.
Believing they are opening the document, the victim will actually launch its installation. Where the FIN6 group excels is that the fake sites will exclude those who use a VPN, a connection via the cloud, macOS, or Linux. Only the intended targets are therefore impacted. After job seekers, recruiters will also have to be extra careful to avoid falling into the trap.
0 Comments