Blindsided on LinkedIn: The Alarming Way Chinees Cybercriminals Seized Control of My Account

0
313

This story is more intriguing than ever, and frankly, it’s really smart and sophisticated.

Look, I’ve been involved in cybersecurity and all things “blue hat” for a while now, and busting scammers and their modus operandi has been my side gig for a long time.

Now, this is all about my recent LinkedIn account hack, and let me tell you, it’s a wild ride. I had two-factor authentication (2FA) enabled, and I was logging in from my computer and iPhone only, so I thought I was playing it safe. But boy, was I in for a surprise.

A week ago, I was just casually browsing LinkedIn when suddenly, the whole UI and language changed to Chinees! I was like, “Whoa, what’s going on here?”

Now, this is all about my recent LinkedIn account hack, and let me tell you, it’s a wild ride. I had two-factor authentication (2FA) enabled, and I was logging in from my computer and iPhone only, so I thought I was playing it safe. But boy, was I in for a surprise.

A week ago, I was just casually browsing LinkedIn when suddenly, the whole UI and language changed! I was like, “Whoa, what’s going on here?” So, I did some research and found out that LinkedIn can change the language based on your system settings. But here’s the kicker – my system language was set to English, so I was scratching my head, wondering how this could have happened.

Long story short, everything was in Chinese, and the translation wasn’t working either. After a bit of tinkering, I managed to sort out the language issue from the settings, and I checked my login activity, which showed only two devices. I thought, “Alright, I’m in the clear. Must have been a glitch or something.”

But, oh, how wrong I was. Three days later, on April 5th, 2024, I was just leaving the movie theater when I started getting emails in Chinese. My login activity from Canada, and my photo ID had been changed! — what a move by hackers just changing language so that they can buy some more time sabotaging account/system. —

I was like, “Woah, all my networking efforts are going down the drain, and this is happening even with 2FA enabled?” Needless to say, I was worried.

It was time for some serious remediation action.

I immediately logged in from my phone, changed my password, and found that the hacker had made numerous changes to my bio, experience, and even added a few new connections. Sorting this out was a bit of a challenge, but I knew I had to act fast to prevent any further damage.

and

 

So, what did I do? I decided to hibernate my LinkedIn account, which takes 24 hours to activate again even after right password, effectively locking the hacker out. Later that night, I emailed LinkedIn about the issue, and they helped me sort it all out.

Careful peeps’ Technology is evolving into quantum space!

 

Updated: 09- April – 2024 || 1408 HRS

Still there is some level of access to my account, no other sessions than my laptop, 2FA Enabled and all security features on!!!

 

__

Update: 3rd May 2024, LinkedIn cleared all connection request sent by hacker, cleared all messages and restored to clean point of state, but still no response/denying the fact that account was hacked due to some internal security issue and still blaming my security practise.