Hackers abuse LinkedIn DMs to plant malware

Source: SAMI, 13/05/2019


In a blog post, Proofpoint said hackers establish a relationship with
potential victims by abusing LinkedIn’s direct messaging service.
In follow-up emails, the actor pretends to be from a staffing company
with an offer of employment. In many cases, the actor supports
campaigns with fake websites that impersonate legitimate staffing
companies. “These websites, however, host the malicious payloads. In
other cases, the actor uses a range of malicious attachments to
distribute More_eggs,” the company said.
After a week, hackers then send a direct email to the target’s work
address reminding the recipient about the prior attempt to
communicate on LinkedIn.
“It uses the target’s professional title, as it appears on LinkedIn,
as the subject, and often suggests the recipient click on a link to
see the noted job description. In other cases, this actor used an
attached PDF with embedded URLs or other malicious attachments,”
Proofpoint added.
The URLs link to a landing page that spoofs a real talent and
staffing management company, using stolen branding to enhance the
legitimacy of the campaigns. This page then kicks off the download of
the malicious Word document that then attempts to download and
execute the “More_eggs” payload if the recipient has enabled macros.
“These campaigns demonstrated considerable variability, with the
actor frequently changing delivery methods and more,” the researchers
added.
They said that hackers are turning away from very large-scale “spray
and pray” campaigns to focus more on persistent infections
with downloaders, RATs, bankers, and other malware.
The researchers warned: “We can expect more threat actors to adopt
approaches that improve the effectiveness of their lures and increase
the likelihood of high-quality infections.”

