A threat group called Golden Chickens is delivering the fileless backdoor more_eggs through a spear-phishing campaign targeting professionals on LinkedIn with fake job offers. The phishing emails try to trick a victim into clicking on a malicious.ZIP file by picking up the victim s current job title and adding the word position at the end, making it appear like a legitimate offer. Once downloaded, the malware can fetch additional malware and provide access to the victim’s system.
Source: https://threatpost.com/linkedin-spear-phishing-job-hunters/165240/