The unfortunate rise in unemployment caused by the pandemic made communities on platforms like LinkedIn much more active. Job seekers began to hunt for new opportunities and employers started looking for candidates to fill empty positions.
Unfortunately, some hackers have decided this is a good time to try and steal data from other LinkedIn users.
Hackers Are Taking Advantage of Job Seekers on LinkedIn
According to a report by cybersecurity company eSentire, a group of scam artists collectively named "Golden Chickens" is spear phishing unsuspecting business professionals with fake LinkedIn job offers.
eSentire writes that the targeted victims are part of the healthcare technology sector. The hackers are trying to obtain the victims' personal data by sending them a malicious ZIP file that contains a backdoor or remote access trojan.
The file is named after the position that the victim has listed on their LinkedIn profile:
For example, if the LinkedIn member's job is listed as Senior Account Executive—International Freight the malicious zip file would be titled Senior Account Executive—International Freight position (note the "position" added to the end). Upon opening the fake job offer, the victim unwittingly initiates the stealthy installation of the fileless backdoor, more_eggs [name of the trojan].