Cyber threat actors, in successful hacking campaigns, are targeting LinkedIn accounts. The attacks are following a consistent method where user accounts are hijacked by threat actors after which victims are pressured to pay a ransom to regain control of their accounts or face permanent deletion.
Analysis of Google Trends reveals a significant surge, of 5000%, in the past 90 days in the volume of searches related to hacked account campaigns on LinkedIn. There has also been a marked increase not just in conversations about hacked accounts on social media but also in the frequency of searches for LinkedIn support regarding recommended actions when an account is compromised, Cyberint, a threat intelligence company, said in a blog post.
While LinkedIn is yet to release a statement about the campaign, threat actors appear to be making use of brute force attacks to hijack user accounts. There are two scenarios that victims of the campaign are facing.
In the first scenario users temporarily lose access to their accounts and receive an official email from LinkedIn notifying them of the security measure to secure their accounts against brute force attacks. In this scenario, the accounts themselves are not compromised, however, due to suspicious activity from threat actors, the accounts are temporarily locked. Affected users have the option to request verification of their identity update their passwords and regain access to their accounts.
(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)
In the second scenario, accounts are hacked and users are unable to regain access. Threat actors achieve this by changing the email addresses and passwords associated with hacked accounts to ensure users cannot regain control of their accounts. Some victims have reportedly received ransom messages, while other users had their accounts deleted by cybercriminals, the post said.
Implications of the campaign
While the motive of the campaign is not clear, the implications can be far-reaching. The compromised accounts could be used as a base to launch further social engineering campaigns, threat actors could also leverage conversations between professionals for data gathering, demanding ransom and tarnishing the image of professionals and organisations.
Secure LinkedIn accounts
LinkedIn users can check their account access, update their contact information and reach out to LinkedIn support in case they witness any suspicious activity on their accounts. Users are also advised to update to stronger passwords, enable two-factor-authentication and ensure they are logged in to their accounts.