A Job Applicant? Nope, It's A Malware AttackA Job Applicant? Nope, It's A Malware Attack
Cybercriminals burying malicious code in responses to job postings, IC3 says
January 20, 2011
Cybercriminals engaging in ACH/wire transfer fraud are targeting businesses by responding via email to employment opportunities posted online, according to federal authorities.
A warning from the Internet Crime Complaint Center yesterday stated that more than $150,000 was stolen from a U.S. business via unauthorized wire transfer as a result of an email the business received that contained malware.
According to FBI researchers, the malware was embedded in an email response to a job posting the business placed on an employment website and allowed the attacker to obtain the online banking credentials of the person who was authorized to conduct financial transactions within the company.
The malicious actor changed the account settings to allow the sending of wire transfers -- one to the Ukraine and two to domestic accounts. The malware was identified as a Bredolab variant, svrwsc.exe. This malware was connected to the Zeus/Zbot Trojan, which is commonly used by cybercriminals to defraud businesses.
The FBI recommends that potential employers remain vigilant in opening the emails of prospective employees. The agency advises running a virus scan prior to opening any email attachments, and says businesses should use separate computer systems to conduct financial transactions.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023