Threat actors have been deploying phishing attacks with the more_eggs malware
aimed at corporate hiring managers, according to The Hacker News.
Organizations impacted by the spear-phishing campaign include an aerospace firm in the U.S., a staffing agency and law firm in Canada, and an accounting organization in the U.K., a report from eSentire revealed.
"This year the more_eggs operation has flipped the social engineering script, targeting hiring managers
with fake resumes instead of targeting jobseekers with fake job offers," said eSentire Research and Reporting Lead Keegan Keplinger.
Golden Chickens, also known as Venom Spider, has been suspected to be behind the malware, which is a modular backdoor suite with information exfiltration and lateral movement capabilities.
"More_eggs achieves execution by passing malicious code to legitimate windows processes and letting those windows processes do the work for them," Keplinger added. While the attackers' goals with the intrusion remain unclear after being averted, the more_eggs malware could be leveraged for data theft and ransomware attacks once launched, said researchers.