Disgusting Fake Employment Site Targets Veterans And Installs Remote Access Trojan

fake-veterans-websiteJust when you think they could not sink any lower, you see something like this. A fake website pretending to be an organization that offers job opportunities for U.S. veterans is distributing malware that lets the attackers gain full control over a victim's computer. These lowlifes use social engineering to trick vets to visit the site.

Researchers from ESET have a found a website that pretends to be the organization called HMH, or Hire Military Heroes, that offers a desktop application that veterans can use for job opportunities.

ESET states that the attackers behind this web site are a threat actor group named Tortoiseshell, who Symantec recently identified as an attacker who targeted IT companies in order to gain access to their customers.

If the program is launched, a small loading screen will appear that states "Hire Military Heroes is a new resource for hiring armed forces." and that it is trying to connect to the database.

While this screen is being displayed, the malware is actually downloading two other malware files and saving them to the computer.

It will then show an alert that states "Sorry. Your security solution is terminating connections to our servers.". This fake error is being displayed to make it appear that it is a legitimate program that did not work on the computer.

In addition to the information gathering malware, a remote access Trojan will also be installed on the computer. This Trojan will be installed as a Windows service with a service name of "dllhost" and a display name of "Dll host".

This service will be configured to start automatically so that the infection starts every time Windows starts. Technical details, links and screenshots at Bleepingcomputer.


Free Social Media Phishing Test

Would your users fall for a phishing email that looks like it originated from a credible social media site such as Facebook, LinkedIn or Twitter? Attackers use social media to target both your brand, your users, and even your customers by distributing malware or using social engineering to phish for credentials. These platforms have become a goldmine for the bad guys to carry out social media phishing attacks against your organization. Don't get hacked by social media phishing attacks!

SPT-monitorHere’s How the Social Media Phishing Test works:

  • Immediately start your test with your choice of three social media phishing templates
  • Choose the corresponding landing page your users see after they click
  • Show users which red flags they missed or send them to a fake login page
  • Get a PDF emailed to you in 24 hours with your percentage of clicks and data entered

Go Phishing Now!

Don't like to click on redirected buttons? Copy & paste this link into your browser:

Subscribe To Our Blog

Nuclear Ransomware Webinar

Get the latest about social engineering

Subscribe to CyberheistNews