According to an article in IT Pro, exploits in LinkedIn’s own security measures likely could have enabled hackers to spread malicious files across its networking site and infected millions of users’ computers.
LinkedIn, which boasts over 500 million users in 200 countries, makes it possible for its members to chat, share resumes and forward job descriptions to others in their network using a messenger service.
Numerous weaknesses were identified in LinkedIn’s own security measures that are designed to restrict the types of files that are uploaded to LinkedIn’s chat windows.
Usually these measures allow only a handful of extensions including pdf, text documents and jpegs, but it was found that hackers could easily bypass these checks by uploading malicious files disguising as accepted extensions, which were then able to spread throughout a user’s contacts, consequently infecting any computers connected to those accounts.
Read more
