Hiring? New scam campaign means ‘resume’ downloads may contain malware

The cybercrime group known as TA4557 is exploiting hiring managers and recruiters to distribute the “more_eggs” malware. The scheme involves sending seemingly innocent emails from supposed job seekers, meaning they’re less likely to be flagged as malicious. If managers respond, they’re directed to the applicant’s “personal website” to download a resume. This process helps to bypass secure email gateways and lure victims to malware-infected websites. Once downloaded, the “resume” installs the malware, giving the cybercriminals access to more data on the victim’s system.