Once again the LinkedIn users have been under massive spam attack in form of an official LinkedIn lookalike notification about a supposedly received message from a potential new connection.
Sadly for the users, it is not a real LinkedIn link- It is a fake link that redirected users to a different compromised site and asks for their personal details or welcome them with several malicious malware hosted on US, UK, Russian or Italian servers; that steals information and hijacks users’ address book to spam their contacts.
Bitdefender reports that the company detected one site which was hosting Trojan JS BlacoleRef W, difficult to detect and deadly for the internet users. It takes control over the user’s computer when clicked, steals credit card details and other personal/sensitive information.
“Malware writers are again taking advantage of LinkedIn’s popularity and users’ social media engagement after the holidays. With many people back to work and eager to strengthen their professional connections, the malicious campaign comes in really handy for the attackers,” Bitdefender concludes.
This is not the first time when LinkedIn has been misused to hack users; In June 2012 similar Trojon took over several user accounts, which was an embarrassing situation for the company.