Warning: LinkedIn Spam Serve Adobe and Java Exploits to Drop Malware on Your PC

Gallery Icon

bill-swift - June 20, 2012

The social network for professionals, LinkedIn, is apparently the flavor of the month for cyber criminals all over the world. After having close to 6.5 million password hashes of its users leaked last week, a new spam campaign that's still targeting users of the site has been discovered.

Researchers from PandaLabs intercepted an email that was inviting the recipient to check his or her inbox on LinkedIn. Apparently, 10 new messages were waiting to be read, and if you're active on the social network, then you'll probably click on the link to 'view your inbox' without any second thoughts.

That's what the spammers want you to do anyway, so they can load an exploit and plant malware on your device. As to what happens next..

In some cases, your browser will crash. In other cases, the page will just appear to sit there and nothing happens. In unfortunate cases, the exploit will begin doing its work. As said before, a mixed flavor of Adobe and Java exploits are used.

-- Bart Parys, security researcher at PandaLabs

Seems like a lot of malware for just one link, don't you think? Once the malware is installed, it will try to phone or connect with pre-programmed numbers or IP addresses and download more malware. The connection can also be used by the cyber criminals to send further instructions so they can turn your computer into a botnet.

First things first: check email messages you get before clicking on any links in them, even if they seem legitimate. It's better to be safe than sorry. Next, make sure all of your current programs or apps have been patched, and keep your anti-virus program updated.

Tagged in: gear ,

Disclaimer: All rights reserved for writing and editorial content. No rights or credit claimed for any images featured on unless stated. If you own rights to any of the images because YOU ARE THE PHOTOGRAPHER and do not wish them to appear here, please contact us info(@) and they will be promptly removed. If you are a representative of the photographer, provide signed documentation in your query that you are acting on that individual's legal copyright holder status.