Once again the LinkedIn users have been under massive spam attack  in form of an official LinkedIn lookalike notification about a supposedly received message from a potential new connection.

linkedin-phish-mal

Sadly for the users, it is not a real LinkedIn link- It is a fake link that redirected users to a different compromised site and asks for their personal details or welcome them with several malicious malware hosted on US, UK, Russian or Italian servers;  that steals information and hijacks users’ address book to spam their contacts.

Bitdefender reports that the company detected one site which was hosting  Trojan JS BlacoleRef W, difficult to detect and deadly for the internet users. It takes control over the user’s computer when clicked, steals credit card details and other personal/sensitive information.

“Malware writers are again taking advantage of LinkedIn’s popularity and users’ social media engagement after the holidays. With many people back to work and eager to strengthen their professional connections, the malicious campaign comes in really handy for the attackers,” Bitdefender concludes.

 

This is not the first time when LinkedIn has been misused to hack users; In June 2012 similar Trojon took over several user accounts, which was an embarrassing situation for the company.


Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.