Blog

Malware attacks LinkedIn users

Cisco, the security company, is warning the public today that cyber-criminals have launched a very aggressive and hostile malware campaign that attacks people browsing on professional networking site LinkedIn.

The perpetrators are sending infected spam through LinkedIn containing malevolent links. If someone clicks on the links, they land on a site displaying the message – “PLEASE WAITING…4 SECONDS” before being diverted to Google.

During those few seconds of lag time, the data stealing trojan Zeus rapidly blossoms inside their computer. Zeus is popular among cyber-criminals who use it for theft of personal information, particularly banking credentials.

A researcher at Cisco said the malware campaign was unique in that it sent massive amounts of e-mails targeting commercial end-users and infecting them with the Zeus.

The researcher added that specific targets appear to be employees who handled business bank accounts on the Internet along with financial systems.

Any unfamiliar or unsolicited requests should be erased, Cisco said. If you are attacked, logins and other credentials should be changed as soon as the virus is wiped out.

The new attack backs up evidence that cyber-criminals are increasingly turning to social networks as the launchpad for their attacks.

According to Spamfighter.com, during the 4th weekend of September 2010, a computer virus attacked Twitter with tweets that were captioned “WTF” and which contained a malicious link. Furthermore, during the week starting September 20, 2010, an XSS exploit virtually brought down Twitter.com. Similar attacks were reported as targeting Facebook with malicious junk messages during mid-September 2010, which Avira, the security company discovered.

1 comment…

  • cybercrime111 October 6, 2010, 2:26 pm

    Small business with commercial accounts have had hundreds of thousands, and sometimes millions of dollars stolen from their commercial bank accounts, only to learn that their banks don’t take responsibility for safeguarding their funds from these attacks. Clicking on:

    http://www.yourmoneyisnotsafeinthebank.org/Banking_CyberProtection_Demand_Letter.doc

    will download a letter you can print out and take to your financial services institution to learn if your small- and medium-sized enterprise is vulnerable to losing money to cyber-criminals like the ones mentioned in this article.

    Reply

Leave a Comment

The top job site blogs

Want to see what the top job sites are blogging about? Check out the Big Dog Blogs category (excluded from the homepage).

Powered by LatPro Inc., developer of: