Threat actors launched an unsuccessful phishing attack against an industrial services firm last month that distributed the more_eggs malware with data exfiltration capabilities via fake resumes, which had been leveraged to spread the malware over two years ago, The Hacker News reports.Attackers commented a link on LinkedIn job postings that redirected to a fraudulent resume download site that facilitates malicious LNK file downloads, a report from eSentire revealed. Such a file enables malicious DLL retrieval and persistence before the eventual deployment of the more_eggs malware — which is linked to Venom Spider, also known as Golden Chickens — and other payloads. The findings follow a separate eSentire report detailing Vidar Stealer deployment via a phony KMSPico Windows activator tool website. Malicious sites masquerading as the Advanced IP Scanner were also reported by Trustwave SpiderLabs to have been utilized to enable the spread of the Cobalt Strike tool.
Network Security, Malware, Phishing
Malicious resumes used to spread more_eggs malware anew

(Adobe Stock Images)
An In-Depth Guide to Network Security
Get essential knowledge and practical strategies to fortify your network security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds