Crypto hacks via LinkedIn, yes it’s being done!!!

[Juggy777]

According to this Cointelegraph article hackers targeted people who’re looking for jobs in the crypto sector, and the hackers carried out this hack by creating an ad on LinkedIn, and then asked users to download an application form which had malicious code inside it.

It goes without saying that once the user downloaded the form then the virus began to steal all the login details stored on the device, and it even stole crypto’s if it was stored on that device.

Further as I have advised here in the past, and I’ll once again advise that people should secure their system with a good antivirus in place, because virus can come from places you least expect and can cause irreversible damage.

According to a report by the Finnish cyber security and privacy firm, F-Secure, the latest Lazarus attack was made through a crypto-related job advert on the site.

According to data by VirusTotal, the original malicious macro was created in 2019, with 37 antivirus engines having reported it.

https://cointelegraph.com/news/lazarus-is-attacking-the-crypto-industry-via-linkedin-warns-f-secure

[Arcadedeluxe]

what!,event linkedIn too,can u tell me how we prevent from such thing,how we identified sofware,app ect that have malicious script,if using antivirus what,antivirus that good enough,i have experience while im using 2 difference antivirus,one detect in my system has infected with sort of virus,and another one just don't detect any virut at all,it's so confusing as newbe user in cryptocurrency,it's make me feeling doubtful for using cryptocurrency as digital assets,in my system i had lot's app and game,some of them cracked version,after read this i feeling unseasy to dip in,into cryptocurrency

[aioc]

LinkedIn should address this issue, people are paying this network knowing they are safe and secure, they should disable accounts of Linked users who are hacking people's computer, clean their system if they are not going to do this they will lose subscribers and users, they are making a lot of money from subscribers, so users safety should be their main concern.

[DdmrDdmr]

<…>

You must have missed the thread on the matter here on Beginners & Help, from a couple of weeks ago: Lazarus Group campaign targeting crypto thru LinkedIn.

The end weakness it the fact that LinkedIn allows files to be sent within its platform in all sort of formats (CSV, XLS, XLSX, DOC, DOCX, PPT, PPTX, PDF, TXT, HTML, HTM). As we know, those that allow for macros/scripts to run can do all sort of harmful things, and them being sent over Linkedin, as means to extend communication, does not guarantee more safety than a similar file received in your email's inbox or on Telegram. By that I mean that the usual precautions need to be taken by the platform’s users, and not lower the guard just because they received the file within the LinkedIn environment.