Hackers pose as recruiters to spread dangerous banking Trojan
That is why citizens interested in vacancies can get infected with a banking trojan
Even seeking employment is not an easy task and, as it is, hackers are now seeking to take full advantage of job seeking by infecting potential victims’ phones with a banking trojan. The latter is intended for targeting all the financial applications and services that are present on their device.
AppLite Banker is an example of the Trojan most frequently attacking financial programs.
The new scheme, covered in a post at The Hacker News, was employed to distribute an updated version of the Antidot banking trojan, a new mobile phishing campaign found by cybersecurity researchers. Known as AppLite Banker to its developers, mobile security company Zimperium, the malware can steal PIN code of a victim to fully control their smartphone from a distance.
But the trojan does not end here. It focuses particularly on 172 banking, financial, and crypto apps, and then employs overlay attacks to steal a user’s “credentials” when the user logs into one of the apps.
The swindle within the idea of fake employment opportunities
In a new blog post published today, the zLabs team of Zimperium shows that the hackers behind this campaign act as recruiters or representatives of companies offering a job vacancy. Worse still, they claim to be from reputable organizations and use very polished emails that will not alert anyone.
To force victims into responding to their offers, hackers also offer victims $25 every hour. If a job seeker bites on that first email, the link leads to a fake employment site where the victim can further the application or arrange an interview. But this page is tricking users into downloading a CRM app for android – whichturns out to be simply a malware.
How to protect yourself from hackers during your next job search
So, how do you stay safe in the face of such risks during your next job search? Caution is advised. Do your due diligence on the recruiter and ask yourself why they contacted you out of the blue. If a job posting sounds too good to be true, it probably is. Be wary when asked to download files, especially apps. Most applications and hires are done through web portals, so there’s nothing you should need to upload in the first place.
