LinkedIn account hacks led to some victims paying ransom to attackers when threatened with permanent account deletion, researchers say.
A massive global campaign has been targeting LinkedIn users, with cybercrooks trying to take over accounts and extort victims, researchers at Cyberint claim. The conclusion is supported by numerous pleas for help on LinkedIn’s help page on the former Twitter, X.com.
“I have been hacked I’ve asked for help, not getting far, now I believe the hacker is using a false LinkedIn email to try and get my photo ID, I would like to be able to speak to a human as I do not trust these emails I’ve googled for a contact number, I need help,” one user complained on August 9th.
According to Cyberint’s blog, Google Trends data shows that the volume of queries on “LinkedIn account hacked” and “LinkedIn account recovery” have increased by a staggering 5000%, indicating a large-scale problem.
Researchers claim that some victims only have to deal with temporary account locks, as attackers get locked by LinkedIn over suspicious activity. In these cases, users are asked to verify their accounts, update their passwords, and normally regain access. Others are not so lucky.
Compromised accounts are fully taken over, with malicious actors making sure the original owners can’t independently regain access. Once attackers take over the account, they immediately alter the account’s associated email address. Researchers note that email addresses created via the mail system rambler.ru are often used during these attacks.
“By changing the email address, threat actors effectively prevent the victim’s ability to restore their account via email, thereby leaving the account irrecoverable. Some victims have received ransom messages to regain access, while others have witnessed their accounts being deleted outright,” Cyberint’s blog explains.
Researchers surmise that the number of complaints regarding LinkedIn hacks points to a comprehensive and targeted campaign. Even though attackers’ motives are unclear, stolen professional accounts have many uses for threat actors. For example, cybercrooks could employ hacked accounts for social engineering purposes, blackmail, and data gathering.
“Hacked accounts could be used to spread malicious content, erase years of contributions, or send damaging messages to connections, severely damaging an individual’s reputation,” researchers said.
To minimize the risk of LinkedIn account hacks, researchers advise users to check if they still have access to their account, check for messages from LinkedIn about any changes in the primary account email, employ password security, and enable two-factor authentication.
LinkedIn is a juicy target for attackers as user accounts hold personal and professional data that can be used for further attacks. Cybernews has already reported on malicious actors leaking an archive containing data purportedly scraped from 500 million LinkedIn profiles.
More from Cybernews:
Subscribe to our newsletter