LinkedIn members targeted by botnet malware: How to check your computer

[David Baxter PhD]

LinkedIn Members Targeted by Botnet Malware
by Donald Sears, Threatpost
September 29, 2010

Members of LinkedIn who clicked on fake connection requests sent users to a Website that displayed "PLEASE WAITING...4 SECONDS" before redirecting them to Google.

During those 4 seconds, the Website downloaded Zeus data-theft malware onto their PCs.

See below for full article and removal instructions.

 

[David Baxter PhD]

Spammers Target LinkedIn Members with Malware
by Fahmida Y. Rashid, eWeek
September 27, 2010

Cisco Systems says spammers targeted LinkedIn members with fake connection requests that downloaded a worm known for stealing user bank account information.

Malicious cyber-criminals aren't just targeting Twitter users; LinkedIn members are in their crosshairs, as well.
LinkedIn members were reportedly deluged with spam e-mail messages masquerading as connection requests from the career-oriented social networking site Sept. 27.
Clicking on these requests sent users to a Website that displayed "PLEASE WAITING...4 SECONDS" before redirecting them to Google. During those 4 seconds, the Website downloaded Zeus data-theft malware onto their PCs, according to Cisco Systems.

Zeus, which embeds itself in the victim's Web browser and captures personal information such as online banking credentials, is widely used by criminals to pilfer from commercial bank accounts.

These messages accounted for as much as 24 percent of all spam sent within a 15-minute interval in the morning of Sept. 27, Cisco said. Cisco recommends that IT administrators warn users to delete connection requests, especially if they do not know the name of the contact.

Social networks are increasingly becoming a target for cyber-criminals. Twitter was hit over the weekend by a worm associated with a "WTF" tweet and a link, as well as the cross-scripting exploit that crippled Twitter.com the week of Sept. 20. Facebook users have not been immune, either.

Spam remains a popular form of attack, as with the "Here You Have" e-mail worm that wreaked havoc earlier in September. Cisco expects to see more spam messages containing malware sent to organizations to collect personal information.

LinkedIn has not yet publicly acknowledged the spam attack, nor warned users about the messages.

 

[David Baxter PhD]

Doing some research, I learned that the latest version of Malwarebytes (free) will detect and disinfect this malware. Chances are your installed antivirus software may also do this but it never hurts to double-check.