"A sophisticated spear-phishing lure tricked a recruitment officer into downloading and executing a malicious file disguised as a resume, leading to a more_eggs backdoor infection," Trend Micro researchers Ryan Soliven, Maria Emreen Viray, and Fe Cureg said in an analysis.
"Shortly after, a recruitment officer downloaded a supposed resume, John Cboins.zip, from a URL using Google Chrome. It was not determined where this user obtained the URL."
"More_eggs, sold as a malware-as-a-service (MaaS), is malicious software that siphons credentials, including those related to online bank accounts, email accounts, and IT administrator accounts."
Collection
[
|
...
]