Freelancers Being Targeted With Malware Disguised as Job Offers in freelancing Marketplace




https://www.itechblog.net
www.itechblog.net

Hackers are using freelancing web applications such as the Fiverr and Freelancer to distribute malware disguised as job offers which contain attachments that are pretending to be a job description but are actually installing keyloggers in victim files

Hackers are using freelancing web applications such as the Fiverr and Freelancer to distribute malware disguised as job offers which contain attachments that are pretending to be a job description but are actually installing keyloggers in victim files.

There are keyloggers such as AgentTesla and Remote Access Trojans (RATs) which can be installed in a victim’s computer system. According to a report from the MalwareHunterTeam, these type of attacks are being implemented on freelancing platforms Fiverr and Freelancer.

As you can see in the Screenshot below the attacker is trying to create a fake job offer for multiple users.

How Are Victims Being Infected?

Most of these offers look legitimate but are coded with malicious malware that will attack the victim’s systems with keyloggers and Remote Desktop Monitoring software. Some of the victims are asking for support from the creator of the job offer for the freelancers when experiencing problems with documents that are shared on these freelancing platforms.

For example if an attacker wished to gain control of a users mobile device they would say the document cannot be opened on a PC and instead can only be opened on a mobile device. Attackers are using innovative ways to distribute their malware and also going the extra mile in “helping” these victims to install their malware on the devices. It is important to have updated anti-virus software and OS patches installed on your systems. If you are unsure of an attachment run it through websites such as Virustotal, also consider using a separate sandbox environment for opening attachments.



Hackers are using freelancing web applications such as the Fiverr and Freelancer to distribute malware disguised as job offers which contain attachments that are pretending to be a job description but are actually installing keyloggers in victim files.

There are keyloggers such as AgentTesla and Remote Access Trojans (RATs) which can be installed in a victim’s computer system. According to a report from the MalwareHunterTeam, these type of attacks are being implemented on freelancing platforms Fiverr and Freelancer.

As you can see in the Screenshot below the attacker is trying to create a fake job offer for multiple users.

How Are Victims Being Infected?

Most of these offers look legitimate but are coded with malicious malware that will attack the victim’s systems with keyloggers and Remote Desktop Monitoring software. Some of the victims are asking for support from the creator of the job offer for the freelancers when experiencing problems with documents that are shared on these freelancing platforms.


For example if an attacker wished to gain control of a users mobile device they would say the document cannot be opened on a PC and instead can only be opened on a mobile device. Attackers are using innovative ways to distribute their malware and also going the extra mile in “helping” these victims to install their malware on the devices. It is important to have updated anti-virus software and OS patches installed on your systems. If you are unsure of an attachment run it through websites such as Virustotal, also consider using a separate sandbox environment for opening attachments. For example if an attacker wished to gain control of a users mobile device they would say the document cannot be opened on a PC and instead can only be opened on a mobile device. Attackers are using innovative ways to distribute their malware and also going the extra mile in “helping” these victims to install their malware on the devices. It is important to have updated anti-virus software and OS patches installed on your systems. If you are unsure of an attachment run it through websites such as Virustotal, also consider using a separate sandbox environment for opening attachments.
There are keyloggers such as AgentTesla and Remote Access Trojans (RATs) which can be installed in a victim’s computer system. According to a report from the MalwareHunterTeam, these type of attacks are being implemented on freelancing platforms Fiverr and Freelancer.


As you can see in the Screenshot below the attacker is trying to create a fake job offer for multiple users.
How Are Victims Being Infected?
Most of these offers look legitimate but are coded with malicious malware that will attack the victim’s systems with keyloggers and Remote Desktop Monitoring software. Some of the victims are asking for support from the creator of the job offer for the freelancers when experiencing problems with documents that are shared on these freelancing platforms.


For example if an attacker wished to gain control of a users mobile device they would say the document cannot be opened on a PC and instead can only be opened on a mobile device. Attackers are using innovative ways to distribute their malware and also going the extra mile in “helping” these victims to install their malware on the devices. It is important to have updated anti-virus software and OS patches installed on your systems. If you are unsure of an attachment run it through websites such as Virustotal, also consider using a separate sandbox environment for opening attachments.

Hackers are using freelancing web applications such as the Fiverr and Freelancer to distribute malware disguised as job offers which contain attachments that are pretending to be a job description but are actually installing keyloggers in victim files.
There are keyloggers such as AgentTesla and Remote Access Trojans (RATs) which can be installed in a victim’s computer system. According to a report from the MalwareHunterTeam, these type of attacks are being implemented on freelancing platforms Fiverr and Freelancer.


As you can see in the Screenshot below the attacker is trying to create a fake job offer for multiple users.
How Are Victims Being Infected?
Most of these offers look legitimate but are coded with malicious malware that will attack the victim’s systems with keyloggers and Remote Desktop Monitoring software. Some of the victims are asking for support from the creator of the job offer for the freelancers when experiencing problems with documents that are shared on these freelancing platforms.



For example if an attacker wished to gain control of a users mobile device they would say the document cannot be opened on a PC and instead can only be opened on a mobile device. Attackers are using innovative ways to distribute their malware and also going the extra mile in “helping” these victims to install their malware on the devices. It is important to have updated anti-virus software and OS patches installed on your systems. If you are unsure of an attachment run it through websites such as Virustotal, also consider using a separate sandbox environment for opening attachments.


Comments

Post a Comment

Popular posts from this blog

Amazon 2nd Gen Echo Dot review

Image
Amazon'sEcho Dot: Still a crown jewel of the modern smart home Summary The Dot is a smaller yet just as powerful version of the Amazon Echo. What it lacks in an internal speaker system it makes up for with an audio-out port and Bluetooth connectivity. While the app and inability to route queries to a single Alexa device within close proximity of each other can be annoying, the $50 price and Alexa's usefulness make the Dot a solid option for anyone who wants to start building a connected home on the cheap. Hardware At only 1.3 inches tall, the Dot (available in black or white ) virtually disappears into your home. It can be placed anywhere, and it won't disrupt your carefully decorated room. Like the larger Echo, the second-generation Dot can be used to fill an Amazon cart. But that's not the only thing people use it for. Instead, the Alexa platform is an incredibly helpful connected home hub , a fountain of random facts, an audiobook reader
Read more

Not Android: Google just invested in a new mobile os

Image
Google invested in a mobile OS called KaiOS this month, and it’s no secret that it’s not based in Android. What we’re looking at here is a company that makes an operating system that’s focused on feature phones – but feature phones that are smart. Sort of like bridging the gap between non-smart and smart phones. KaiOS might well be a big part of Google’s future in emerging markets around the world. According to KaiOS representatives, this operating system already works with a wide variety of manufacturers and carriers. Both inside and outside of the USA, KaiOS is established. You and I might have never heard of them before, but they’re out there! KaiOS worked in the past – and present – with manufactuer partners TCL, HMD Global, and Micromax. They’ve worked with Reliance Jio, Sprint, AT&T, and T-Mobile. They operate out of San Diego, Hong Kong, Taipei, Shanghai, Paris, and Bangalore. They’re ready to roll, basically. “We want to ensure that Google apps and servi
Read more

Hidden tricks you didn't know about your Android phone

Image
10 tips to master your Google-powered device. The Android versus iPhone debate continues to rumble on. But one thing is certain: Google's phone software is more versatile and customizable than Apple's offering. Dig into the settings and tweaks available for your Android phone and you'll find a host of clever features and useful tools. We've collected 10 of them right here. A quick note before we begin: Android has a wide variety of makes, models, and versions, which makes it more difficult to find features that will be consistent across all devices. We only verified the following tips on stock Android 7.0 Nougat—they should also work on related systems, but some of the menus and procedures may vary slightly. 1. Cast your Android screen For a number of years, you've been able to broadcast your Android phone or tablet's display to the larger screen of a television using a Chromecast. In addition to beaming video from all the us
Read more