Most of you know LinkedIn, the so-called employment social network. It is a company currently owned by Microsoft. It seems that the website has experienced a severe failure that has allowed the attackers to obtain information from users. It looks like it was a bridge-like attack, maliciously using the auto-complete button.
A bug in LinkedIn could have put your data at risk
At the moment the extent of the attack is unknown, we do not know how many users could have been affected by the failure. What is known is that the page itself has acted quickly and only 24 hours later they had already fixed the bug.
LinkedIn Security Failure
As we have told you, it seems that the auto-complete button on the web has been used maliciously. The attackers have used an invisible design that occupies the screen of the employment social network. When the user goes to enter data and allows data to be dumped using the button, the attackers get this data as well.
This problem appears to have abused the LinkedIn API for login to third party sites and services. However, the website has been very attentive to the bug, and they have corrected it very quickly. In less than 24 hours.
So there is no longer any threat when using this button, and we assume that from the employment social network will be aware of possible risks. What is still unknown at the moment, pending further information from the company, is the number of users affected.