Hackers Using LinkedIn to Spread Malware
Attackers posing as recruiters on LinkedIn are conducting a social engineering scam using potential job openings as bait.
Looking for a job? Beware of fake recruiters.
Hackers are posing as recruiters, targeting and messaging people about potential job openings using LinkedIn’s direct messaging service.
Victims receive a direct message whose subject line is their professional title, exactly as it appears on LinkedIn. The message asks them either to click a link or to download a malicious attachment to view the job description.
These fake recruiters even have fake websites that impersonate real staffing agencies. Unlike the real agencies' sites, these sites host malicious payloads.
The malicious file appears to be a Word document, which then attempts to download and execute the “More_eggs” payload. This installs malware on your computer, which can then compromise your data and technology functions.
According to Proofpoint, these campaigns are targeting US companies in various industries, including retail, entertainment, pharmacy, and others that use online shopping portals.
So if you get one of these recruiter messages, be careful about what you click and download. Only download from known sources, and be wary of the way the sender responds.