A malicious hacking campaign targeting LinkedIn users has been identified by security researchers, resulting in numerous users worldwide being locked out of their accounts. The cybercriminals behind this campaign have been changing the passwords of these accounts, effectively blocking user access.
In some cases, they have even demanded a ransom, threatening permanent account deletion if not paid, as reported by Cyberint. In response to the unusual activity detected on these accounts, LinkedIn has been sending out notification emails to the affected users, temporarily locking their accounts as a precautionary measure. This unusual activity could be a result of multiple failed attempts to breach an account, possibly through brute force password attacks or attempts to bypass two-factor authentication (2FA) protection, which some users have enabled.
Victims of this cybercrime have taken to social media to voice their frustrations and seek help in regaining access to their accounts, citing a lack of meaningful response from LinkedIn’s support team. The problem extends beyond the complaints visible on social media. The researchers have observed a significant surge in the number of Google searches related to compromised LinkedIn accounts over the past 90 days.
Search terms such as “LinkedIn account recovery appeal” and “LinkedIn account hacked 2023” have seen a growth of over 5000%, indicating a widespread issue. For some LinkedIn users, the first indication of a problem was an email notification from LinkedIn stating that a new email address from the rambler.ru domain had been added to their account. The unauthorized user then changes the account password, effectively locking out the original user.
Interestingly, the hackers have been enabling 2FA on the breached accounts, a security measure that the original owners may regret not implementing earlier. What’s particularly disheartening is that the news of this hacking campaign has been brought to light by independent researchers, not LinkedIn itself. Despite numerous complaints and pleas for help from locked-out users, LinkedIn has yet to issue a public statement on the matter.
For those concerned about the security of their LinkedIn accounts, it’s recommended to use a strong, unique password and enable two-factor authentication. While LinkedIn offers both app-based and SMS-based 2FA, the former is preferred due to the risk of SIM swap attacks associated with the latter.
Additionally, users should ensure that their LinkedIn account is associated with an email address they check regularly, so that important notifications from the company (such as an alert that a new email address has been added) are not missed, and that old email addresses no longer in use are removed from the account.