Think Information. Think Security.
 
Picture
LinkedIn users have to be more cautious now since the malware is now trying to connect to you and in your network.

Crooks are using new malware and LinkedIn to locate key people at firms to target with toxic spam.

LinkedIn’s been the hot networking spot for professionals for the past several years. But lately it’s also drawn the attention of web crooks, who see the site as a new point of infiltration.


Security firm Trusteer says it’s spotted a new malware campaign that targets LinkedIn users. The attack starts with a connect request that looks almost the same as the normal LinkedIn invite. 

Here's how it looks like:
Picture
Image courtesy of Trusteer.
Picture
Image courtesy of Trusteer.
From there, victims who click on the fake confirmation link are routed to a malicious server in Russia, which Trusteer says uses the BlackHole exploit kit to download the Zeus 2 malware onto the user’s computer. The BlackHole exploit kit locates vulnerabilities on a computer that can be used as a spot to place the malware. Zeus, which is able to avoid most anti-malware detection programs, enables hackers to access workstations as well as corporate information and data. Of particular risk are external work stations that connect to the firm’s network through VPNs.

Trusteer says this type of attack is particularly dangerous, since a large share of enterprise users who receive a fake LinkedIn message are likely to click on it (a survey conducted a few weeks ago by the firm found that nearly 70 percent of such users are likely to click on such an email).


Editor's Note: Cross post from Malware City



Leave a Reply.