LinkedIn Accounts Hacked & Ransomed

Uploaded on 2023-08-22 in TECHNOLOGY-Key Areas-Social Media, TECHNOLOGY--Hackers, FREE TO VIEW

A widespread malicious hacking campaign has seen many LinkedIn users locked out of their accounts worldwide. While LinkedIn has not yet issued an official announcement, it appears that their support response time has lengthened, with reports of a high volume of support requests. 

After the attacks, some victims are pressured to pay a ransom to regain control of their accounts or face permanent deletion and threatened with permanent account deletion, according to a report from Cyberint,

In other instances, LinkedIn users report that they have received notification emails from LinkedIn telling them that their accounts have been temporarily locked due to "unusual activity". 

Analysis of Google Trends reveals a significant surge, of 5000%, in the past 90 days in the volume of searches related to hacked account campaigns on LinkedIn. There has also been a marked increase not just in conversations about hacked accounts on social media, but also in the frequency of searches for LinkedIn support regarding recommended actions when an account is compromised, Cyberint reported

Some LinkedIn users report that they have received notification emails from LinkedIn telling them that their accounts have been temporarily locked due to "unusual activity". These appear to be a precautionary step from the site, when they see multiple attempts to break into an account, perhaps through the use of brute force password attacks or due to multiple attempts to defeat the two-factor authentication (2FA) protection some users have enabled on accounts.

Victims have turned to social media in their attempts to regain access to their accounts, complaining about a lack of meaningful response from LinkedIn's support team.

The security problem is clearly not limited to just the LinkedIn users complaining online. Researchers found that the number of Google searches related to compromised LinkedIn accounts has seen a "significant surge" in the past 90 days. Search terms like "Linkedin account recovery appeal" and "Linkedin account hacked 2023" have been classified as a "breakout", meaning that searches for the term have grown by over 5000%. 

So, what should you do if you're worried that your LinkedIn account might be the next to be hijacked by cyber criminals? The advice to users is:

  •  Ensure that you have a strong, hard-to-crack, unique password protecting your LinkedIn account.
  • Enable 2-factor authentication on your LinkedIn account to provide an additional layer of defence if your password has been compromised. LinkedIn appears to offer both app-based 2FA and SMS-based 2FA. My preference is not to use SMS-based 2FA because of the problem of SIM swap attacks, but frankly any 2FA is better than no 2FA at all.
  • Check your LinkedIn account's settings to ensure that it is associated with an email address that you regularly check - you don't want to miss any legitimate communication from the company telling you that someone else has added their email address to your LinkedIn profile.  

LinkedIn is no stranger to being a target for cybercriminals In 2022, the platform was called the most abused brand in phishing attempts, likely due to its widespread use in the corporate and education sectors. 

In June the North Korean APT Lazarus was spotted using fake LinkedIn profiles to target security researchers in a phishing campaign. In another spear-phishing campaign discovered last July, attackers targeted LinkedIn as part of an effort to take over Facebook Business accounts to run malvertising exploits.

Cyberint:       LinkedIn:     Tripwire:    Dark Reading:    HelpNetSecurity:     The Hindu:      Image: Greg Bulla

You Might Also Read: 

Half Of Phishing Emails Target LinkedIn Accounts:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« How AI & VoIP Are Revolutionizing Communications
How To Check Out Suppliers Before You Commit »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Promon

Promon

Promon is an application security vendor providing Self-Protection abilities to Mobile apps and Desktop applications.

TestFort

TestFort

TestFort QA Lab is a specialized software testing company offering independent quality assurance and software testing services.

MD5

MD5

MD5 is a leading UK provider of Digital Forensic & eDiscovery services to large multi-national corporate businesses, Law Enforcement & Government Agencies, high profile legal firms.

Trust in Digital Life (TDL)

Trust in Digital Life (TDL)

TDL is a membership association comprising companies, SMEs, universities and research institutes who exchange experience and insights to make digital services in Europe trustworthy and safe.

Dcoya

Dcoya

Dcoya's complete security awareness training program gives you out-of-the-box compliance with PCI-DSS, HIPAA, SOX and ISO regulations.

ThreatSpike Labs

ThreatSpike Labs

ThreatSpike Labs provides the first end-to-end fully managed security service for companies of all sizes.

Spire Solutions

Spire Solutions

Spire Solutions is the Middle East & Africa region’s leading cybersecurity solution provider and value-added distributor (VAD).

Vuntie

Vuntie

Vuntie blend European craftsmanship, performance and open-source technology to deliver cybersecurity services including penetration testing, incident response, training and consultancy.

AlertSec

AlertSec

AlertSec Ensure is a U.S. patented technology that allows you to educate, verify and enforce encryption compliance of third-party devices.

Quantifind

Quantifind

Quantifind enables financial crimes/fraud analysts and investigators to make better decisions, faster, with intelligent automation.

IQ4 - Cybersecurity Workforce Alliance (CWA)

IQ4 - Cybersecurity Workforce Alliance (CWA)

Cybersecurity Workforce Alliance, a division of iQ4, is an organization comprised of a diverse range of professionals dedicated to the development of the cybersecurity workforce.

BreachQuest

BreachQuest

BreachQuest brings together cybersecurity experts with decades of experience identifying security flaws, penetrating networks, and responding to incidents.

European Cybersecurity Competence Centre (ECCC)

European Cybersecurity Competence Centre (ECCC)

The ECCC aims to increase Europe’s cybersecurity capacities and competitiveness, working together with a Network of National Coordination Centres to build a strong cybersecurity Community.

PeoplActive

PeoplActive

PeoplActive is an IT consulting and recruitment services organization with leading capabilities in digital, cloud and security.

Axient

Axient

Axient advances defense and civilian missions from aerospace to cyberspace with multi-domain test and analysis, mission engineering and operations, and advanced technologies.

AI or Not

AI or Not

AI or Not - Leverage AI to combat misinformation and elevate the landscape of compliance solutions.