August 11, 2020

Kaspersky Lab Warns LinkedIn From Potential Spear Phishing

Last November Kaspersky Lab researchers contacted Linkedin’s security team, and informed them about the kespersky logoissue. The platform was fixed and the threat has been mitigated. The security issue could pose a major threat to its 360+ million users. Because LinkedIn attracts so many people in the business community, a security flaw such as this one could help attackers to efficiently execute spear phishing campaigns, steal credentials and potentially gain remote control over selected victims without needing to resort to social engineering.

“While certain HTML content should be restricted and we have issued a fix and thanked Kaspersky researchers; the likelihood of exploit on popular modern email platforms is unlikely.” says David Cintz, Senior Technical Program Manager at Linkedin security ecosystem.

Social platforms are a big target for hackers. A business-oriented social platform that gives details of millions of business men and women, along with their titles, colleagues, career information and more, could be extremely valuable. It’s not difficult to target a user, and exploiting that information is just a single comment away.

Injecting a malicious comment into a user’s post thread will automatically launch a notification to his email account, regardless of the email provider or connection hierarchy between the victim and the attacker.

Although it seems that the application server had escaped the dangerous characters, the payload is only escaped from the main application.

In the worst case scenario, if an email provider fails to properly escape the content of an incoming email, the attacker can leverage the issue to execute a malicious JavaScript injection attack, also known as Stored XSS.

Another scenario might involve using an associated HTML form to collect information about the victim or redirect the victim to a site where a malicious executable can be downloaded.

How to prevent yourself from becoming a victim:

1.Use an advanced Internet Security solution to filter out dangerous redirections to servers that contain malware, phishing and more. If a solution is already installed, keep it updated at all times.

2.Opening an attachment or following a link in an email – even from a known party – might contain malicious content. Be very wary before making the decision to open it.

3.Do not register to social platforms with your corporate email account.

In case you have any additional questions, request you to please send us the questions and we will connect you to Kaspersky Lab officials.