LinkedIn Ransomware Attack: Data Held Hostage, Criminals Demand Payment to Unlock Accounts
Ransomware attacks were running rampant on LinkedIn in recent months leaving many users locked out of their accounts, a cybersecurity company.
“Cybercriminals were requesting ransom payments to release control of these accounts,” said Nicolai Solling, Chief Technology Officer at Help AG.
“It is likely that the attack was carried out to exploit data leaked from other breaches, with cybercriminals attempting to see if LinkedIn users had reused usernames and passwords.”
The ease in availability of automation tools to potential attackers is expected to drive down the overall cost of executing such attacks as their efficiency will increase, he warned.
The hacking attack, which took place in August, led many users to be locked out of their accounts. Experts at Help AG believe that the attacks were not necessarily enabled by a data breach or vulnerability in the systems, but rather by “the incorrect behaviour of a user.”
“The recent spike in hacking attacks on LinkedIn underscores a fundamental truth: scammers consistently target what people hold dear. In today’s era, social media platforms, especially professional ones like LinkedIn, are highly valued,” said Sunil Sharma, Director of Cyber Defense at Help AG.
“When individuals lose access to their accounts, they aren’t just forfeiting their digital presence; they risk damaging their reputation and potential revenue.”
For senior executives and industry leaders, a breach of their LinkedIn accounts extends far beyond mere personal inconvenience. It can have ramifications beyond the personal level; in extreme cases, it can even influence stock markets.
“Imagine a big pharmaceutical CEO’s account being hijacked and used to falsely claim the discovery of a miracle cure. Such misleading information could drastically impact the company’s stock value or spread rumors. This is particularly significant in industries where stock evaluations are already sky-high. The implications of such breaches are both vast and alarming,” he explained.
A spokesperson from LinkedIn that it has managed to stop most fraudulent activity on the platform “before you ever see it.”
“We know that scammers are becoming more sophisticated, and are constantly evolving their strategies. We use technology including artificial intelligence paired with teams of experts to stop fraudulent activity before you ever see it – 99.3 percent of detected spam and scams were removed by our automated defenses and 99.6 percent of detected fake accounts were blocked before members reported them,” the spokesperson said in an email statement.
The most common type of inappropriate content LinkedIn often takes action on are spam or scam content. These include inappropriate commercial activity and repetitive invitations or communications, often motivated by financial gain.
How to protect your LinkedIn account
“Such breaches are a symptom of the situation we are currently in – what you could call an electronic debt spiral,” said Solling.
“Many of us are not paying enough attention to how social media platforms and other applications can impact our privacy and security, and as a result are not making the right decisions around our online presence.”
The steps taken to protect your LinkedIn account can also be applied to other social media platforms.
The Help AG experts advised users to use a strong complex password, preferably a minimum of 12 characters including uppercase and lowercase letters, numbers, and special characters.
“With such a password, attackers will need 226 years to brute force your password, according to Hive Systems,” Solling added.
“In contrast, passwords consisting of only 6 characters despite having numbers, different case letters and special characters can still often be brute forced instantly.”
In addition, users should enable two-factor authentication, either through SMS or an authenticator app, or risk an attacker doing so first.
“We witnessed an especially scary trend in the recent hijackings wherein attackers changed the account password then proceeded to enable two-factor authentication, making it impossible for the original user to retrieve their account,” Sharma explained.
Users often fall into the habit of using the same password across various platforms. Using unique passwords for all your accounts will ensure that if one password is compromised, it is only limited to the single account.
“By employing a password manager to simplify your digital security, you only need to remember one master password to access the manager, and it will securely store all your complex and unique passwords for each application and service you utilise,” Sharma advised.
The experts also suggested that users avoid using websites or apps that request access through password federation – a practice that allows you to access multiple platforms using a single set of login credentials.
“Inadequate security measures could potentially jeopardise not only the site but also the additional login source you’ve linked. To enhance security, it’s advisable to create a distinct login account whenever possible instead of using federated credentials.”
