#FIN6

2025-06-15

📢 Skeleton Spider: Malware delivery via the cloud
📝 The SecuritySnacks article, published on June 10, 2025, highlights the activities of the cybercrime group FIN6, also known as **Skeleton Spider**...
📖 cyberveille: cyberveille.ch/posts/2025-06-1
🌐 source: dti.domaintools.com/skeleton-s
#FIN6 #IOC #Cyberveille

2025-06-13

ICYMI: DomainTools Investigations released new research this week!

Skeleton Spider (aka FIN6) is leveraging trusted cloud services like AWS to deliver malware through fake job applications and resume-themed phishing campaigns.

🔍 Learn how this financially motivated group is:

🔹Exploiting cloud infrastructure to evade detection
🔹Using social engineering to lure victims
🔹Building resilient, scalable malware delivery systems

Read the full analysis here: dti.domaintools.com/skeleton-s

#CyberSecurity #ThreatIntelligence #Malware #CloudSecurity #Phishing #FIN6 #SkeletonSpider #InfoSec

2025-06-10

Recruiters, take note: FIN6 hackers are now posing as job seekers, using fake resumes and slick online profiles to breach security. Ever wondered how real-life trust can turn into a cyber trap?

thedefendopsdiaries.com/fin6s-

#fin6
#phishing
#cybersecurity
#socialengineering
#recruitmentsecurity

2025-06-10

Cybercrime group FIN6 (aka Skeleton Spider) is leveraging trusted cloud services like AWS to deliver malware through fake job applications.

Our latest analysis breaks down:
🔹 How attackers use LinkedIn & Indeed to build trust
🔹 The use of resume-themed phishing lures
🔹 Cloud-hosted infrastructure that evades detection
🔹 The delivery of the More_eggs backdoor via .LNK files
🔹 Key defense strategies for recruiters and security teams

This campaign is a masterclass in low-complexity, high-evasion phishing

📖 Read the full breakdown: dti.domaintools.com/skeleton-s

#CyberSecurity #ThreatIntel #FIN6 #Phishing #CloudSecurity #MalwareAnalysis #InfoSec #SkeletonSpider

Selena Larson (selenalarson)
2023-12-12

Speaking of sharing research.. I’m stoked to publish on this recently observed activity by (overlaps with ). We saw them targeting recruiters directly via email and using some really fun social engineering techniques. They always deliver More_eggs malware proofpoint.com/us/blog/threat-

2022-12-01

There hasn't been much reporting on #FIN6 lately but they have been active... not sure about successful but they have been active 😂​

2022-11-11

#FIN6 just can’t stay away from holiday shopping season. This 2019 article from IBM X-Force IRIS is a good recap of TTPs still very much in use today.
securityintelligence.com/posts

2020-09-16

MITRE has released an attack emulation plan for the FIN6 hacker group #MITRE, #FIN6, #APT securitylab.ru/news/512145.php twitter.com/SecurityLabnews/st

2020-04-07

FIN6 and TrickBot Combine Forces in ‘Anchor’ Attacks - FIN6 fingerprints were spotted in recent cyberattacks that initially infected victims with the Tri... more: threatpost.com/fin6-and-trickb #anchormalware #terraloader #cybercrime #powershell #more_eggs #trickbot #malware #trojan #hacks #fin6

2019-09-02

FIN6 Switches Up PoS Tactics to Target E-Commerce - The group is using the More_eggs JScript backdoor to anchor its attack. more: threatpost.com/fin6-target-eco #vulnerabilities #briackandmortar #creditcarddata #codeinjection #shoppingcart #websecurity #cardskimmer #pointofsale #e-commerce #more_eggs #backdoor #malware #itg08 #fin6
