• The malware is disguised as job offers that contain malicious attachments.
  • The campaign drops keyloggers like Agent Tesla or remote access trojans (RATs).

A new malware campaign has been identified targeting job seekers. The cybercriminals behind the campaign have disguised the malware has a job offer and are using freelance job sites like Fiverr and Freelancer.

According to MalwareHunterTeam, who discovered the new campaign, victims are targeted with keyloggers like Agent Tesla or remote access trojans (RATs), Bleeping Computer reported.

The campaign has not only been successful in infecting victims but has also led to victims, unaware that they have been infected by a malware, requesting the attacker(s) for support. According to Bleeping Computer’s report, a victim responded to the fake job offer, telling the attacker that he/she was unable to open the malicious attachment on their mobile device.

The attacker(s) reportedly responded to the victim telling him/her that the attachment needs to be opened on a PC. This indicates that not only are attackers diversifying and innovating new attack methods, but also engaging with victims to ensure their campaign’s success.

To avoid such attacks, users should always use anti-virus programs, and scan attachments before opening them.

Cyware Publisher