Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Phishing Attack Delivers More_eggs

June 11, 2024
Reading Time: 3 mins read
in Alerts
Phishing Attack Delivers More_eggs

A recent phishing attack has been uncovered, distributing the More_eggs malware under the guise of resumes. Targeting recruiters through LinkedIn job postings, the attack aims to trick victims into downloading malicious payloads by presenting fake resume download sites. The attempt, disclosed by Canadian cybersecurity firm eSentire, was aimed at an unnamed company in the industrial services industry in May 2024. Despite being unsuccessful, it highlights the ongoing threat posed by social engineering tactics used by cybercriminals to distribute malware.

More_eggs, a modular backdoor believed to be operated by threat actors known as the Golden Chickens or Venom Spider, is capable of harvesting sensitive information. The malware, offered under a Malware-as-a-Service model, poses a significant risk to organizations due to its ability to establish persistence, gather data, and drop additional payloads. eSentire has previously identified real-world individuals associated with the operation, further highlighting the complexity of the threat landscape posed by such malware campaigns.

The phishing campaign observed by eSentire involves attackers responding to LinkedIn job postings with links to fake resume download sites. These sites lead victims to download malicious Windows Shortcut files (LNK), which are then used to retrieve a malicious DLL and establish persistence on infected systems. Despite the unsuccessful attempt disclosed, More_eggs campaigns remain active, emphasizing the need for organizations to remain vigilant against social engineering tactics used by threat actors to distribute malware.

In addition to the More_eggs phishing attack, eSentire also revealed details of a drive-by download campaign distributing Vidar Stealer through fake websites. The emergence of new phishing kits, such as V3B targeting European banking customers, further underscores the evolving nature of cyber threats and the importance of robust cybersecurity measures to protect against them.

Reference:

  • Phishing Attack Disguising More_eggs Malware Detected in Recruitment Scam

Tags: CanadaCyber AlertCyber Alerts 2024Cyber RiskCyber threatJune 2024LinkedInMalwarePhishing
ADVERTISEMENT

Related Posts

Fake Firms Push Malware on Crypto Users

Fake Sites Push Investment Scams

July 11, 2025
Fake Firms Push Malware on Crypto Users

Severe WordPress Flaw 200K Sites at Risk

July 11, 2025
Fake Firms Push Malware on Crypto Users

Fake Firms Push Malware on Crypto Users

July 11, 2025
Hackers Revive SEO Poisoning

Hackers Revive SEO Poisoning

July 10, 2025
Hackers Revive SEO Poisoning

RondoDox Botnet Exploits Router Flaws

July 10, 2025
Hackers Revive SEO Poisoning

ServiceNow Data Exposure via ACLs

July 10, 2025

Latest Alerts

Fake Sites Push Investment Scams

Fake Firms Push Malware on Crypto Users

Severe WordPress Flaw 200K Sites at Risk

RondoDox Botnet Exploits Router Flaws

ServiceNow Data Exposure via ACLs

Hackers Revive SEO Poisoning

Subscribe to our newsletter

    Latest Incidents

    Microsoft’s Outlook Long Outage

    Avantic Lab Affected By Ransomware

    $40M+ Stolen from GMX Crypto Platform

    Bitcoin Depot Breach Exposes Data

    McDonald’s AI Hiring Bot Exposes Data

    Nippon Steel Solutions Data Breach

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial