There is currently an active campaign by hackers to take over LinkedIn accounts. Victims have been pressured into paying to regain control of their accounts or face permanent deletion. Security research company Cyberint has observed an ongoing and successful hacking campaign targeting LinkedIn accounts. The attacks all follow a consistent approach: using leaked credentials or brute-forcing attempts to gain access to those LinkedIn accounts. Should the attackers be successful, they change the associated email address to be one from the service. They also change the account password and enable 2FA after hijacking the account, which makes the recovery process even more difficult. The attackers demand a ransom for returning the account, or sometimes outright delete the account without making any demands. For accounts that are protected by strong passwords and/or 2FA, the multiple takeover attempts result in a temporary lock imposed by LinkedIn on those accounts. The owners of those accounts are prompted to verify ownership by providing additional information before they are allowed to sign back in.

This segment was created for the It’s 5:05 podcast