[Warning] Malicious personal message from fake LinkedIn friend

1. Information

INCA Internet response team detected malicious e-mail disguised as personal message of LinkedIn, one of SNS services. LinkedIn is a professional social networking website. Founded in December 2002 and launched in May 2003, it is mainly used for professional networking. As of 9 February 2012, LinkedIn reports more than 150 million registered users in more than 200 countries and territories. Malicious e-mails disguised as sent by LinkedIn have been found several times with Ads for Viagra.

This malicious file installs additional malicious files with using various security exploit including Adobe Reader(PDF), Java(JAR)
2. Spreading cases and symptom of infection

[Warning] Malicious file about portrait infringement 

There were various malicious e-mails with using SNS. ▶ Notice on Twitter or Facebook ▶ Attached malicious files on notice for changing personal information ▶ Disguised as adding friends. 

The most recent case of being found is disguised as a message sent by LinkedIn Classmate. Of course, it contains malicious links.

These links will direct to certain Bulgarian web site. When user clicks URL to addon.html, malicious script code will be executed.

If accessing malicious web site, follow figure will be shown. It shows such as invitation of Classmate, however; malicious script code will be executed.

"addon.html" contains both LinkedIn related words and certain scripts.

After working script, it will redirect to another site and execute "main.php".

- hxxp://h(~)lub.net/main.php?page=d72ac4be16dd8476

"main.php" will execute "ap2.php", "Edu.jar" and run Adobe Reader Exploit Code Java Applet Exploit Code(CVE-2012-0507).

- hxxp://h(~)lub.net/data/ap2.php : a9513.pdf (file name consists 1-digit alphabet and 4 digits random numbers)
- hxxp://h(~)lub.net/Edu.jar

Upon executed exploit code, it will download additional malicious executable file and will make its clone on Application Data folder.

It can access on certain host and can be damaged by additional attack command of attacker after being infected.

3. Summary

With the growth of SNS users, malicious file creators and distributors are trying to deceive users. To use PC safely from security threats of these malicious attachments, we recommend you download latest security updates and obey following "Security management tips" for general users.

Security management tips

1. Maintain the latest security update on OS and applications
2. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function.
3. Do not see and download attached file from suspicious e-mail.
4. Keep caution to link from instant messenger and SNS.

INCA Internet (Security Response Center / Emergency Response Team) runs responding system against various security threats.


  1. Stuck on writing a five paragraph essay, huh? Click on my link to read a great tutorial on it!

  2. I am glad I can read about this dangerous message. Now I am aware. Thank you!

  3. Very useful article, and everyone should aware of this type of fake message. If you want to buy best security software for your laptops, PC then you must visit Geek Squad Support
    Here, you get best buy support and solve all your issues.

  4. for the dragon age startup problems in windows i have just resolved it with my best efforts and you can also solve this dragon age inquisition won't start

  5. yes you can get robux free robux and learn how to win the game more easily.

  6. if you see Microsoft setup office is not able to verify the license of this product. You should repair the office program you can solve this issue by using the control panel this very easy to perform all activity on your system for more information you can visit our website activate office

  7. Finding the best healthcare research paper services and Healthcare Essay Writing Services is not easy unless one is keen to establish a professional healthcare assignment writing service provider & healthcare homework help online.

  8. Well done. This really helps me to find the answers to my question. Hoping, that you will continue posting articles having lots of useful information.Thanks visit now for cheap and amazing Refurbished handsets

  9. Those ESL assignment writing services have an advantage of hiring the best English language coursework writing service company that is familiar with ESL assignment help services for their English Language Writing Services.

  10. ARE YOU GETTING ONLINE GAME YOU CAN PLAY FREE STREAM CODES https://freesteamcodes.co/free-steam-code-20/

  11. great article thanks for posting such an informative and helpful article. i really loved your work and loved the way you represent your articles. thanks for posting and keep sharing more.
    click now ti visit our site

  12. Wales publishers are offering optimized, Best Publication Services in UK to boost the researcher and research communities, by providing accelerated and efficient services to fasten the publishing process and to give more opportunities for research on different disciplines.Wales publication research conferences give the researchers an international platform to discuss their scientific research Open Access Publishing UK work and their edges.We are different from other conferences because the community's member organizes our conferences.