Hackers target LinkedIn, hijack user accounts: Report   

LinkedIn is facing a wave of account hijacking attacks globally resulting in victims losing access to their accounts  

August 17, 2023 02:11 pm | Updated 02:11 pm IST

Cyber threat actors, in successful hacking campaigns, are targeting LinkedIn accounts.

Cyber threat actors, in successful hacking campaigns, are targeting LinkedIn accounts. | Photo Credit: AP

Cyber threat actors, in successful hacking campaigns, are targeting LinkedIn accounts. The attacks are following a consistent method where user accounts are hijacked by threat actors after which victims are pressured to pay a ransom to regain control of their accounts or face permanent deletion.

Analysis of Google Trends reveals a significant surge, of 5000%, in the past 90 days in the volume of searches related to hacked account campaigns on LinkedIn. There has also been a marked increase not just in conversations about hacked accounts on social media but also in the frequency of searches for LinkedIn support regarding recommended actions when an account is compromised, Cyberint, a threat intelligence company, said in a blog post.

While LinkedIn is yet to release a statement about the campaign, threat actors appear to be making use of brute force attacks to hijack user accounts. There are two scenarios that victims of the campaign are facing.

In the first scenario users temporarily lose access to their accounts and receive an official email from LinkedIn notifying them of the security measure to secure their accounts against brute force attacks. In this scenario, the accounts themselves are not compromised, however, due to suspicious activity from threat actors, the accounts are temporarily locked. Affected users have the option to request verification of their identity update their passwords and regain access to their accounts.

(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)

In the second scenario, accounts are hacked and users are unable to regain access. Threat actors achieve this by changing the email addresses and passwords associated with hacked accounts to ensure users cannot regain control of their accounts. Some victims have reportedly received ransom messages, while other users had their accounts deleted by cybercriminals, the post said.

Implications of the campaign

While the motive of the campaign is not clear, the implications can be far-reaching. The compromised accounts could be used as a base to launch further social engineering campaigns, threat actors could also leverage conversations between professionals for data gathering, demanding ransom and tarnishing the image of professionals and organisations.

Secure LinkedIn accounts

LinkedIn users can check their account access, update their contact information and reach out to LinkedIn support in case they witness any suspicious activity on their accounts. Users are also advised to update to stronger passwords, enable two-factor-authentication and ensure they are logged in to their accounts.

Top News Today

Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in


Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.