01 Jul 2021

LinkedIn’s 1.2B Data-Scrape Victims Already Being Targeted by Attackers

Just days after LinkedIn was targeted in another data-scraping attack consisting of 700 million LinkedIn profiles, the victims of the attack are being targeted by cybercriminals. The data scraping incident resulted in the trove of information being posted to a popular hacker forum. The vast amount of lifted data is

Read More
07 Apr 2021

Data scraped from 500 million LinkedIn users found for sale online

A huge trove of LinkedIn data has been discovered on an online marketplace, exposing the IDs, names, email addresses, and personal details of 500 million users. Although the data may not seem harmful alone, it could be used to launch additional attacks on LinkedIn and specific users. The data set

Read More
06 Apr 2021

LinkedIn Spear-Phishing Campaign Targets Job Hunters

A new campaign has been observed to target job hunters seeking opportunities via Linkedin. A threat group named Golden Chickens is allegedly behind the campaign, which creates fake job offers to lure professionals into downloading a backdoor Trojan called more_eggs. The spear-phishing campaign was discovered by researchers at eSentire. The

Read More
22 Mar 2021

China Punishes Microsoft’s LinkedIn Over Lax Censorship

LinkedIn is the only major American social networking site allowed to operate in China, but only operates after the service censors the posts made by its millions of users. The Microsoft-owned service is now facing criticism after not censoring enough. The site for professionals was rebuked by China’s internet regulator

Read More
26 Aug 2020

Lazarus Group Targets Cryptocurrency Firms Via LinkedIn Messages

Lazarus Group, a North Korean-based APT, has been targeting the cryptocurrency industry through sophisticated phishing messages over LinkedIn. The nation-state threat operator has allegedly been conducting a widespread phishing campaign that targets a variety of businesses worldwide and appears to be financially motivated. The attackers are attempting to leverage the

Read More
13 Jul 2020

Russian Hacker Finally Found Guilty of 2012 LinkedIn Breach

Yevgeniy Nikulin has finally been convicted of launching cyberattacks against LinkedIn, Dropbox, and Formspring that resulted in millions of customer accounts being breached. Nikulin has spent years in custody after his initial arrest in Prague in 2016. Nikulin remained in Prague for over a year, eventually brought to the US

Read More
17 Jun 2020

LinkedIn ‘Job Offers’ Targeted Aerospace, Military Firms With Malware

A recent malware campaign has been uncovered, targeting victims in Europe and the Middle East through LinkedIn spear-phishing messages. The targets are in the aerospace and military fields, and the attackers are impersonating human resource employees from Collins Aerospace and General Dynamics. Targets receive messages advertising fake job offers that

Read More
31 Oct 2019

Hackers who extorted Uber and LinkedIn plead guilty

In 2016, one American citizen and one Canadian national teamed up to compromise the systems of Uber and LinkedIn in order to steal user information, which they subsequently used in order to extort the two companies, the two admitted in court this week. The threat actors used a custom tool

Read More
23 Aug 2019

LinkedIn stopped more than 21 million fake accounts this year, but legitimate users are the real challenge

In the first half of 2019, LinkedIn banned or blocked over 21.6 million fake accounts, 19.5 of which never made it past the registration stage, new figures released by the professional networking platform show. Of the accounts that did go live, around 2 million were detected by employees and the

Read More
22 Jul 2019

Iran-Linked APT34 Invites Victims to LinkedIn for Fresh Malware Infections

FireEye researchers recently uncovered a new phishing campaign by Iranian state-backed cyber espionage group APT34 (aka OilRig or Greenbug) that took advantage of LinkedIn. Masquerading as a Cambridge University lecturer on LinkedIn, the threat actors invited people to connect with them. If a victim accepted the connection, the hackers would

Read More