Hackers abuse LinkedIn DMs to plant malware

Hackers are impersonating recruitment agencies on LinkedIn in a bid to target companies with backdoor malware. Researchers at Proofpoint found that the malware campaigns primarily targeted US companies in various industries including retail, entertainment, pharmacy, and others that commonly employ online payments, such as online shopping portals. In a blog post, the firm said hackers establish a relationship with potential victims by abusing LinkedIn’s direct messaging service. In follow-up emails, the actor pretends to be from a staffing company with an offer of employment. In many cases, the actor supports campaigns with fake websites that impersonate legitimate staffing companies. “These websites, however, host the malicious payloads. In other cases, the actor uses a range of malicious attachments to distribute More_eggs,” the company said.