Golden Chickens is a cybercriminal threat group that uses spear-phishing to attack professionals on LinkedIn. LinkedIn members receive enticing job offers that tempt them to open an attached ZIP file, which initiates the stealthy download of the “more_eggs” fileless backdoor.
For instance, if the job listed on your LinkedIn profile is “Digital Marketing Manager,” the job offer would be for a digital marketing managerial position. When the recipient opens the ZIP file, the malicious more_eggs backdoor is installed automatically.
Once downloaded, the backdoor can fetch additional malware (banking malware) and open access to the victim’s information and system. Moreover, Golden Chickens sells more_eggs as malware-as-a-service to other cybercriminals.
The malware also appeared in 2019, when the financial threat gang FIN6 used it to target various eCommerce companies. It was also used to attack pharmaceutical, entertainment, and retail companies.
Evilnum uses the malware-as-a-service to attack financial tech companies and gather critical and confidential information.