Security News > 2023 > October > Fake Corsair job offers on LinkedIn push DarkGate malware
A threat actor is using fake LinkedIn posts and direct messages about a Facebook Ads specialist position at hardware maker Corsair to lure people into downloading info-stealing malware like DarkGate and RedLine.
Recent examples of DarkGate's use include phishing attacks through Microsoft Teams that push the payload and leveraging compromised Skype accounts to send VBS scripts to trigger an infection chain leading to the malware.
LinkedIn introduced features to fight abuse in the platform late last year that can help users determine if an account is suspicious or fake.
DarkGate malware spreads through compromised Skype accounts.
Microsoft Teams phishing attack pushes DarkGate malware.
Fake KeePass site uses Google Ads and Punycode to push malware.