Spammers Target LinkedIn Members with Malware

By: Fahmida Y. Rashid
2010-09-27

Cisco Systems says spammers targeted LinkedIn members with fake connection requests that downloaded a worm known for stealing user bank account information.

Malicious cyber-criminals aren't just targeting Twitter users; LinkedIn members are in their crosshairs, as well.

LinkedIn members were reportedly deluged with spam e-mail messages masquerading as connection requests from the career-oriented social networking site Sept. 27.

Clicking on these requests sent users to a Website that displayed "PLEASE WAITING...4 SECONDS" before redirecting them to Google. During those 4 seconds, the Website downloaded Zeus data-theft malware onto their PCs, according to Cisco Systems.

Zeus, which embeds itself in the victim's Web browser and captures personal information such as online banking credentials, is widely used by criminals to pilfer from commercial bank accounts.

These messages accounted for as much as 24 percent of all spam sent within a 15-minute interval in the morning of Sept. 27, Cisco said. Cisco recommends that IT administrators warn users to delete connection requests, especially if they do not know the name of the contact.

Social networks are increasingly becoming a target for cyber-criminals. Twitter was hit over the weekend by a worm associated with a "WTF" tweet and a link, as well as the cross-scripting exploit that crippled Twitter.com the week of Sept. 20. Facebook users have not been immune, either.

Spam remains a popular form of attack, as with the "Here You Have" e-mail worm that wreaked havoc earlier in September. Cisco expects to see more spam messages containing malware sent to organizations to collect personal information.

LinkedIn has not yet publicly acknowledged the spam attack, nor warned users about the messages.

http://www.eweek.com/c/a/Security/Spammers-Target-LinkedIn-Members-with-Malware-869319/?kc=EWKNLEDP09292010D