That spam messages on LinkedIn can be quite dangerous was revealed by the discovery of Google security researchers who noticed fake LinkedIn messages sent by hackers believed to be connected to the Russian government and which reached various officials from European countries. Messages contain links whose opening compromises the device by exploiting vulnerabilities in Windows and iOS.
Now researchers from the Google Threat Analysis Group (TAG) and the Project Zero team have published details about four zero-day vulnerabilities, which were not known before the attacks in which hackers used them were noticed.
It is not yet known how many LinkedIn users were attacked in this hacker campaign and how many were eventually hacked. Google believes that the Russian government is most likely behind the criminal group responsible for these attacks.
The vulnerabilities were discovered in Google Chrome (CVE-2021-21166 and CVE-2021-30551), Internet Explorer (CVE-2021-33742) and WebKit (CVE-2021-1879), an engine used by Apple’s Safari web browser. This last vulnerability was removed by Apple on March 26 (CVE-2021-1879). Hackers targeted iOS devices that work with older versions of iOS (12.4 to 13.7).
According to Google researchers, the goal of the Russian hacker was to steal authentication cookies from several popular websites, including LinkedIn, Microsoft, Google, Yahoo and Facebook.
Google did not link these attacks to a specific hacker group, but Microsoft did. Microsoft says that the culprit for the attacks is the state hacker group Nobelium, which is behind last year’s attack on SolarWinds.
The US government formally indicted Russia’s Foreign Intelligence Service (SVR) in April that she conducted a “broad cyber espionage campaign” and that the attacks were carried out by her hackers, a group known as APT29, The Dukes and Cozy Bear.
Source: Informacija.rs by www.informacija.rs.
*The article has been translated based on the content of Informacija.rs by www.informacija.rs. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!
*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.
*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!