Disgusting Fake Employment Site Targets Veterans And Installs Remote Access Trojan

fake-veterans-websiteJust when you think they could not sink any lower, you see something like this. A fake website pretending to be an organization that offers job opportunities for U.S. veterans is distributing malware that lets the attackers gain full control over a victim's computer. These lowlifes use social engineering to trick vets to visit the site.

Researchers from ESET have a found a website that pretends to be the organization called HMH, or Hire Military Heroes, that offers a desktop application that veterans can use for job opportunities.

ESET states that the attackers behind this web site are a threat actor group named Tortoiseshell, who Symantec recently identified as an attacker who targeted IT companies in order to gain access to their customers.

If the program is launched, a small loading screen will appear that states "Hire Military Heroes is a new resource for hiring armed forces." and that it is trying to connect to the database.

While this screen is being displayed, the malware is actually downloading two other malware files and saving them to the computer.

It will then show an alert that states "Sorry. Your security solution is terminating connections to our servers.". This fake error is being displayed to make it appear that it is a legitimate program that did not work on the computer.

In addition to the information gathering malware, a remote access Trojan will also be installed on the computer. This Trojan will be installed as a Windows service with a service name of "dllhost" and a display name of "Dll host".

This service will be configured to start automatically so that the infection starts every time Windows starts. Technical details, links and screenshots at Bleepingcomputer.


Don’t get hacked by social media phishing attacks!

Many of your users are active on Facebook, LinkedIn, and Twitter. The bad guys use these platforms to scrape profile information of your users and organization to create targeted spear phishing campaigns in an attempt to hijack accounts, damage your organization's reputation, or gain access to your network.

KnowBe4’s Social Media Phishing Test is a complimentary IT security tool that helps you identify which users in your organization are vulnerable to these types of phishing attacks that could put your users and organization at risk.

SPT-monitorHere's how the Social Media Phishing Test works:

  • Immediately start your test with your choice of three social media phishing templates
  • Choose the corresponding landing page your users see after they click
  • Show users which red flags they missed or send them to a fake login page
  • Get a PDF emailed to you in 24 hours with your percentage of clicks and data entered

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Subscribe To Our Blog

Ransomware Hostage Rescue Manual

Get the latest about social engineering

Subscribe to CyberheistNews