Crooks Posing as Job Hunters to Malware-Infect Recruiters

Crooks posing as job hunters to malware-infect recruiters

: FIN6 moves from point-of-sale compromise to phishing recruiters

Hackers are now pretending to be jobseekers to spread malware

As if fake recruiters weren't enough, fake candidates are also now a threat

FIN6 hackers pose as job seekers to backdoor recruiters’ devices

In a twist on typical hiring-related social engineering attacks, the FIN6 hacking group impersonates job seekers to target recruiters, using convincing resumes and phishing sites to deliver malware.

FIN6 exploits HR workflows to breach corporate defenses

The financially motivated cybercrime group FIN6, also known as Skeleton Spider, is targeting human resources professionals with an elaborate social engineering scheme that uses fake job applications to deliver malware, according to new research from security analysts. The campaign begins with attackers posing as job seekers on professional platforms like LinkedIn and Indeed, building rapport with recruiters before following up with phishing emai…

Hackers are now pretending to be jobseekers to spread malware - WorldNL Magazine

(Image credit: Isabela Bela / Pixabay) DomainTools spots hackers creating fake job seeker personasThey target recruiters and HR managers with the More Eggs backdoorThe backdoor can steal credentials and execute commandsHackers are now pretending to be jobseekers, targeting recruiters and organizations with dangerous backdoor malware, experts have warned.Cybersecurity researchers DomainTools recently spotted a threat actor known as FIN6 using th…