Malware attacks LinkedIn users

Cisco, the security company, is warning the public today that cyber-criminals have launched a very aggressive and hostile malware campaign that attacks people browsing on professional networking site LinkedIn.

The perpetrators are sending infected spam through LinkedIn containing malevolent links. If someone clicks on the links, they land on a site displaying the message – “PLEASE WAITING…4 SECONDS” before being diverted to Google.

During those few seconds of lag time, the data stealing trojan Zeus rapidly blossoms inside their computer. Zeus is popular among cyber-criminals who use it for theft of personal information, particularly banking credentials.

A researcher at Cisco said the malware campaign was unique in that it sent massive amounts of e-mails targeting commercial end-users and infecting them with the Zeus.

The researcher added that specific targets appear to be employees who handled business bank accounts on the Internet along with financial systems.

Any unfamiliar or unsolicited requests should be erased, Cisco said. If you are attacked, logins and other credentials should be changed as soon as the virus is wiped out.

The new attack backs up evidence that cyber-criminals are increasingly turning to social networks as the launchpad for their attacks.

According to Spamfighter.com, during the 4th weekend of September 2010, a computer virus attacked Twitter with tweets that were captioned “WTF” and which contained a malicious link. Furthermore, during the week starting September 20, 2010, an XSS exploit virtually brought down Twitter.com. Similar attacks were reported as targeting Facebook with malicious junk messages during mid-September 2010, which Avira, the security company discovered.