Malicious LinkedIn Messages Hit Computers with Zeus Malware

Prospective employers and job applicants aren’t the only ones using LinkedIn
for research. Cyber-criminals are increasingly using the social networking site
for professionals to identify potential victims, according to security experts.

Security firm Trusteer uncovered spam messages designed to look almost the
same as legitimate notification messages from LinkedIn, Trusteer
CEO Mickey Boodaei
wrote on the company blog June 2. When users click on
the link in the message, usually an invitation to connect with someone, they
are redirected to a malicious server in Russia serving up malware.

Through LinkedIn, cyber-criminals can build a profile of targeted
enterprises and locate key people within the organization. The spam messages
sent to those folks could be used to install malware, which could steal login
credentials or other confidential information.

"Sounds unlikely? Well, think again," Boodaei said.

The fraudulent LinkedIn messages take users to a domain.
Despite the name, the domain has nothing to do with It was
registered May 31, and the server associated with the IP address is based in

The users are then hit by drive-by-download attacks based on the BlackHole
exploit kit to install the Zeus 2 Trojan on the computer, according to
Trusteer. This Zeus variant transmits the stolen data to a server in Zhejiang,

To read the original eWeek article, click here: Fake LinkedIn Messages Install Zeus Malware on Victims’ Computers

CIO Insight Staff
CIO Insight Staff
CIO Insight offers thought leadership and best practices in the IT security and management industry while providing expert recommendations on software solutions for IT leaders. It is the trusted resource for security professionals who need network monitoring technology and solutions to maintain regulatory compliance for their teams and organizations.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.

Latest Articles