Hackers Exploiting Linkedin\'s Chat, Job Posting Tools To Steal Users\' Data

News Desk- News Desk Last Updated Time: 2022-08-30 11:23:14  IST
 My Profile
Mail
 Subscribe
 Story View

Hackers are exploiting LinkedIn’s chat and job posting tools, to get access to users’ information

New Delhi, Aug 30 : Microsoft’s LinkedIn is used by cybercriminals to distribute data to steal malware by sending connections requests in disguise of individuals working with known businesses, as a report revealed on Tuesday.
Researchers from AI cybersecurity firm CloudSEK discovered that scammers are using LinkedIn’s chat feature and job listing functions to share links or files that are infected with malware that steals information.

Hackers Exploiting Linkedin's Chat, Job Posting Tools To Steal Users' Data-TeluguStop.com

Since the majority of LinkedIn users are willing to accept all requests for connections that they get, fraudsters could easily create connections and build credibility on the platform.

After gaining credibility, the actors then share malicious links and files that are later opened by innocent victims.

Once the file is opened, a theft malware is downloaded onto the victim’s system, through which it is able to steal credit card details and other sensitive information and then sends it to threat actors.

“This massively ill-use of LinkedIn might be the most serious threat to LinkedIn.

The claim of professionalism makes it much easier for fraudsters to launch campaigns on a massive the scale of a campaign,” said Rahul Sasi the CEO and CloudSEK’s founder and CEO.of CloudSEK.

It’s how it works.

A LinkedIn connection contacts you regarding a new project from a well-known business which could be of interest to you.

The connection shares a URL or zip file with the information stealer embedded.The size of the file is typically restricted to 100MB to deter security or antivirus.

“Once opened the file, it automatically downloads the malware used to steal your information to your computer.It then takes over cookies and passwords stored in the web browser.” said the report.

The credentials stolen are used to hack and take control of the victim’s email and social media accounts.

“We suggest that all users examine connection requests prior to accepting them even if the person who is requesting is connected to a person whom you are familiar with,” said Sasi.

It is also essential to scan files and documents that are shared on LinkedIn before using them on your computer.

na/

Disclaimer : TeluguStop.com Editorial Team not involved in creation of this article & holds no responsibility for its content..This Article is Provided by IANS, Please contact IANS if any issues in Article .


Follow Us on FacebookFollow Us on WhatsAppFollow Us on Twitter