TA4557, a threat actor tracked since 2018 to be sending job-themed email threats, has started a new technique of targeting recruiters with direct emails that ultimately lead to malware delivery, according to Proofpoint.
The threat actor known for using More_eggs downloader as the malware dropper has previously only resorted to applying to jobs posted on public job boards or LinkedIn postings, and inserting malicious URLs in the application.