Job Seekers or Cyber Sneakers? FIN6 Uses Fake Resumes to Deliver Malware Eggs-traordinaire!
FIN6, the cybercriminals with more names than a secret agent, are using fake resumes on AWS to deliver the More_eggs malware. By posing as job seekers, they lure recruiters into downloading malware masquerading as resumes, proving once again that even in cyberspace, the job market can be a minefield.
Hot Take:
Well, the job market is tough enough without having to worry about hackers posing as job seekers! FIN6 is turning the recruitment process into a cybercrime buffet, dishing out More_eggs malware like it’s a brunch special. Who knew fake resumes could be more than just a job hunter’s embellishment? Remember, folks, it’s all fun and games until someone downloads a ZIP file.
Key Points:
– FIN6 uses fake resumes, hosted on AWS, to deliver malware called More_eggs.
– The group initiates conversations on LinkedIn and Indeed, masquerading as job seekers.
– More_eggs, a product of the Golden Chickens group, acts as a backdoor for further attacks.
– FIN6 has a history of targeting PoS systems and e-commerce sites for financial data theft.
– The attack strategy involves social engineering, domain privacy, and cloud hosting obfuscation.