Social News XYZ     

Hackers exploiting LinkedIn’s chat, job posting tools to steal users’ data

Hackers exploiting LinkedIn's chat, job posting tools to steal users' data

New Delhi, Aug 30 (SocialNews.XYZ) Microsoft-owned LinkedIn is being used by hackers to spread data stealing malware via sending connection requests in disguise of people working with reputed companies, a report showed on Tuesday.

Researchers from AI cyber-security firm CloudSEK found that scammers are exploiting LinkedIn's chat and job posting features to share links/files that are laced with stealer malware.


Since most LinkedIn users accept any and all connection requests they receive, scammers can easily make connections and build credibility on the platform.

After building credibility, the actors share malicious files and links, which are then opened by unsuspecting victims.

Once opened, a stealer malware is deployed on the victim's system, from which it steals passwords, credit card information, and other sensitive data, and sends it to the threat actors.

"This large-scale misuse of LinkedIn could be the gravest threat yet. The underlying promise of professionalism makes it easier for scammers to run campaigns at scale," said Rahul Sasi, CEO and Founder of CloudSEK.

This is how it works.

A LinkedIn connection reaches out to you regarding a project, from a well-known company, that might be of interest to you.

The connection shares a URL or a zip file with the information stealer embedded. The file size is usually restricted to 100MB to evade antivirus or security tools.

"Once opened, the file automatically downloads the stealer malware onto your system. It then steals passwords and cookies stored on your browser," warned the report.

The stolen credentials are then used to compromise and take over the victim's social media and email accounts.

"We recommend that all users verify connection requests before accepting them, even if the requester is connected to someone you know," said Sasi.

It is also important to scan documents and files shared on LinkedIn, before opening them on your systems.

Source: IANS

Facebook Comments
Hackers exploiting LinkedIn's chat, job posting tools to steal users' data

About Gopi

Gopi Adusumilli is a Programmer. He is the editor of SocialNews.XYZ and President of AGK Fire Inc.

He enjoys designing websites, developing mobile applications and publishing news articles on current events from various authenticated news sources.

When it comes to writing he likes to write about current world politics and Indian Movies. His future plans include developing SocialNews.XYZ into a News website that has no bias or judgment towards any.

He can be reached at

%d bloggers like this: