Crooks posing as job hunters to malware-infect recruiters
Briefly

A new scam orchestrated by the cybercrime group FIN6 involves impersonating job seekers to target recruiters on platforms like LinkedIn and Indeed. By directing recruiters to fake portfolio sites that appear legitimate, the criminals successfully embed malware called More_eggs, allowing them to execute commands remotely and steal credentials. The social engineering campaign relies on phishing emails, uses intricate techniques to bypass security systems, and masks the criminals' identity through anonymous domain registration, showcasing an advanced shift in cybercriminal strategies.
The gang behind the con is FIN6 (aka Skeleton Spider), a financially motivated crew that has moved from stealing credit card data into social engineering campaigns like this one.
More_eggs malware enables the crooks to remotely execute commands, steal victims' credentials, and deliver additional payloads to compromised computers. It operates in memory, which makes it hard to detect.
Read at The Register