Cybercriminal group FIN6 is employing new tactics by posing as job seekers on platforms like LinkedIn to infect recruiters with malware via fake resumes. This shift towards targeting enterprise threats highlights their evolving strategy beyond payment card theft. #FIN6 #SkeletonSpider #MoreEggs #VenomSpider
Keypoints
- FIN6 is now using recruitment scams to infect targets, expanding beyond financial data theft.
- The group interacts with recruiters on LinkedIn and Indeed before launching malware campaigns.
- Malicious emails contain no clickable links and direct victims to cloud-hosted landing pages.
- The landing pages verify human visitors using CAPTCHA before delivering the MoreEggs backdoor.
- FIN6βs tactics show a focus on broader enterprise threats like ransomware, not just payment card data.
Read More: https://therecord.media/fin6-recruitment-scam-malware-campaign