Malware Campaign Hits Linkedin, Reports Cisco

Researchers from Cisco the security company warn that cyber-criminals have launched an extremely hostile malware campaign, which's attacking people browsing LinkedIn the well-known professional social-networking website.

Elaborates the company, the criminals through this campaign are sending spam mails containing malevolent web-links that are responsible for a good 24% of the entire e-mail junk in just 15 minutes. Users who became trapped with the spam mail and followed the web-link inside it landed on a site displaying the message - "PLEASE WAITING...4 SECONDS" following which they were diverted onto Google.

Meanwhile, over that brief period of time the user's computer became infected with malicious website that served data stealing Trojan Zeus via drive-by download, says Cisco. Incidentally, Zeus is an extremely popular malware among cyber-criminals who use it for theft of personal information, particularly banking credentials.

Remarking about the new assault, Henry Stern Security Researcher at Cisco stated that it was a unique campaign as it sent massive amounts of e-mails that concentrated on commercial end-users, infecting them with the Zeus. Cisco published this on September 27, 2010.

Continuing further, the researcher stated that the nature of the attack greatly suggested that the perpetrators chose to target employees in particular, who handled business bank accounts on the Internet along with financial systems.

Meanwhile, Cisco's security researchers recommend that all Web-users should erase any unsolicited request on the social network as well as shun clicking any application or implanted link inside the e-mails of the above kind that may come to them.

Nevertheless, if anyone is affected with the spam mail, Cisco recommends that that person should reset his passwords since the Zeus Trojan attack seizes login credentials and passwords.

Eventually, the new attack as well indicates that cyber-criminals are increasingly targeting social networks. During the 4th weekend of September 2010, a computer virus attacked Twitter with tweets that were captioned "WTF" and which contained a malicious link. Furthermore, during the week starting September 20, 2010, an XSS exploit virtually brought down Twitter.com. Similar attacks were reported as targeting Facebook too with malicious junk messages during mid-September 2010, which Avira, the security company discovered.

Related article: Malware Authors Turn More Insidious

» SPAMfighter News - 10/4/2010