Security News > 2022 > April > Hackers Sneak 'More_Eggs' Malware Into Resumes Sent to Corporate Hiring Managers

A new set of phishing attacks delivering the more eggs malware has been observed striking corporate hiring managers with bogus resumes as an infection vector, a year after potential candidates looking for work on LinkedIn were lured with weaponized job offers.

"This year the more eggs operation has flipped the social engineering script, targeting hiring managers with fake resumes instead of targeting jobseekers with fake job offers," eSentire's research and reporting lead, Keegan Keplinger, said in a statement.

"More eggs achieves execution by passing malicious code to legitimate windows processes and letting those windows processes do the work for them," Keplinger said.

The goal is to leverage the resumes as a decoy to launch the malware and sidestep detection.

It's worth pointing out that more eggs, once deployed, could be used as a jumping off point for further attacks such as information theft and ransomware.

"The threat actors behind more eggs use a scalable, spear-phishing approach that weaponizes expected communications, such as resumes, that match a hiring manager's expectations or job offers, targeting hopeful candidates that match their current or past job titles," Keplinger said.

News URL

https://thehackernews.com/2022/04/hackers-sneak-moreeggs-malware-into.html