Researchers at Cyberint have reported a significant increase in online discussions pertaining to LinkedIn account hacking. Users have reported cases of accounts being locked, hijacked, or permanently deleted. In some instances, attackers are asking for ransom payments to recover the compromised accounts.
Our analysis using Google Trends reveals a significant surge in the past 90 days in the volume of Google searches related to the hacked account campaign. Search queries such as “LinkedIn account hacked” or “LinkedIn account recovery” have experienced a substantial upward trend… while the term “breakout” in place of percentage indicates that the search term grew by over 5000%.
Coral Tayar, Cyberint
In the case of full account compromise, attackers are changing the associated email addresses to prevent legitimate users from recovering their accounts. The threat actors are generating new email accounts on the Russian mail service rambler.ru. The exact motive of the attacks is yet unknown.
The spike in hijacked accounts appears to have increased response times for LinkedIn support and associated account recovery efforts.
Users are advised to use a strong password with sufficient complexity to deter password-guessing attacks. They are also encouraged to enable two-factor authentication.