The Rise of Cybersecurity Threats: Analyzing LinkedIn’s Recent Account Hacks

Hackers Hijack LinkedIn Accounts and Demand Ransom

Hackers have been targeting LinkedIn accounts, hijacking them and in some cases, demanding a ransom from users to regain access. The attacks have affected users worldwide in recent weeks, leading to a significant surge in account hacks on the professional-oriented social media platform, according to a report by Cyberint.

LinkedIn‘s Response and Users’ Concerns

LinkedIn, a subsidiary of Microsoft, has not yet made a public statement regarding the campaign. However, users have expressed their frustration with the lack of response from the company. The support response time from LinkedIn has also increased due to the high volume of support requests, indicating a potential issue.

Two Attack Scenarios

Based on reports of account hacks posted online, two scenarios have emerged. In the first scenario, LinkedIn temporarily locks a person’s account due to suspicious activity or hacking attempts. The user is then notified and asked to verify their account and update their password to regain access. This action is taken by LinkedIn when there are attempts to breach accounts through methods such as two-factor authentication or brute-force attacks.

The second scenario is more severe, where hackers gain complete control of the LinkedIn account. They change the associated email address to another address, often using email addresses generated through the mail system of rambler.ru. Attackers then change the account password, making it impossible for the user to recover their login details using their previous email address. Some victims have received ransom messages to regain access, while others have seen their accounts deleted outright.

History of Targeting LinkedIn

This is not the first time LinkedIn has been targeted by cybercriminals. Last year, it was the most abused brand in phishing attempts. In June of this year, North Korean APT Lazarus used fake LinkedIn profiles to target security researchers in a phishing campaign. LinkedIn has also been targeted in spear-phishing campaigns to take over Facebook Business accounts.

The motive behind the recent account-takeover campaign remains unclear. However, compromised LinkedIn profiles provide opportunities for threat actors to engage in various malicious activities, such as impersonating trusted colleagues, accessing confidential conversations, and causing reputational damage.

Protecting LinkedIn Accounts

Given the potential scope and seriousness of these breaches, Cyberint strongly advises LinkedIn users to promptly log into their accounts and confirm their access. They should also verify that all contact information within their accounts is genuine and contact LinkedIn immediately if they are locked out and unable to recover the account using their email.

Users should also check their email inboxes for messages from LinkedIn indicating the addition of an extra email to their accounts, as this could be a sign of a hack. To further secure their profiles, users should strengthen their password security and enable two-step verification, a feature offered by LinkedIn and other platforms for additional account protection.

As online identity becomes increasingly crucial in our lives, it is essential to take proactive measures to protect our accounts and personal information from falling into the wrong hands.