Hackers Are Using Stolen LinkedIn Credentials to Spread Banking Malware!

As you know, millions of MySpace, Tumblr and LinkedIn user credentials are in the hands of hackers as a result of major database breaches. Yesterday, more than 30 million Twitter passwords were hacked. Twitter's own database is safe, but the social accounts of users who reuse the same passwords and user IDs for all their accounts are at risk. Hackers are taking over the social accounts of celebrities with these credentials. Recently the Twitter and Pinterest accounts of Facebook founder Mark Zuckerberg were hacked by cyber crooks.

Hackers are not only selling the stolen credentials on the dark web; they are also misusing them in many other ways. In recent research, security experts found that hackers are using leaked LinkedIn email credentials for email attacks, spreading malware through emails.

How Are Hackers Spreading Malware Through Emails?

Hackers are sending specially crafted malicious documents to victims by email. The documents carry malicious macros, and their content is scrambled to trick the victim into enabling macros in order to view the text. When the user enables macros, the document fetches binary-encoded data from a compromised server or website. This data is actually malware: the “Zeus Panda Banking Trojan”.
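On the receiving side, the delivery step described above can be screened for at the mail gateway or during triage. The following Python sketch is an added example, not code from the article or from any vendor it mentions; the function names, sender details and sample message are constructed for illustration. It flags attachments that contain a VBA project or use the legacy binary Office container. A hit means the file can carry macros, not that it is malicious.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls container header

def attachment_macro_status(data: bytes) -> str:
    """Classify one attachment as 'macro', 'legacy-ole' or 'clean'."""
    if data.startswith(OLE_MAGIC):
        # Old binary Office formats may hold macros; send to deeper analysis.
        return "legacy-ole"
    if zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as z:
            # OOXML documents store their VBA project in a vbaProject.bin part.
            if any(n.lower().endswith("vbaproject.bin") for n in z.namelist()):
                return "macro"
    return "clean"

def triage_message(raw: bytes) -> list:
    """Return (filename, status) for every attachment that is not 'clean'."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        status = attachment_macro_status(part.get_payload(decode=True) or b"")
        if status != "clean":
            findings.append((part.get_filename(), status))
    return findings

def build_sample(with_macro: bool) -> bytes:
    """Constructed message: a zip shaped like an Office file, no real VBA."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            z.writestr("word/vbaProject.bin", b"placeholder, not a VBA project")
    msg = EmailMessage()
    # Constructed sender imitating the name / job title / company pattern.
    msg["From"] = '"Jane Doe - Sales Manager - Example BV" <jane@example.invalid>'
    msg["Subject"] = "Business proposal"
    msg.set_content("Please see the attached proposal.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="octet-stream", filename="proposal.docm")
    return msg.as_bytes()

if __name__ == "__main__":
    print(triage_message(build_sample(True)))
```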

Hackers are sending these emails to victims as business proposals, using details from people's LinkedIn accounts. They put the user's name, company name and job title in the sender ID of the email, and they write the emails in regional languages to target victims in particular countries. Before the LinkedIn data breach, it was difficult for hackers to spread these malicious emails. Now they are openly using the LinkedIn details of users. The main reason for using these LinkedIn details is to make the emails look more genuine.

A number of cases have been seen by the security firm "Fox IT" in the Netherlands. Hackers are sending emails to victims in Dutch, using LinkedIn user names, company names and job titles as the sender ID of the email. The German Federal CERT (CERT-Bund) also warned users in a series of tweets.

Brief Note on the Zeus Panda Banking Trojan

The “Zeus Panda Banking Trojan” is an updated version of the “Zeus Banking Trojan”. You could say it is old wine in a new bottle with a new name. The Zeus Panda banking Trojan is also known as “Panda Banker”. Panda Banker was first detected by Fox IT in February. All these banking malware families were developed by their authors after the source code of the “Zeus” malware was publicly leaked by its author.