LinkedIn Virus?
August 21, 2004 3:49 PM Subscribe
Linkedin Virus: Have any of you guys received an email in the last week from a friend's valid email address asking you to join their LinkedIn network? It seemed harmless enough so I clicked the link, wasn't interested and closed the browser. Soon enough, my whole machine slowed down to a crawl and even after repeated reboots, it's still almost locked. Sound familiar?
I'm posting this from an uninfected laptop while I let an anti-virus program run on the other one. Any other advice for someone who's never had this kind of thing happen?
I'm posting this from an uninfected laptop while I let an anti-virus program run on the other one. Any other advice for someone who's never had this kind of thing happen?
Response by poster: I should also mention that when I rebooted the machine, it said I had 32MB of RAM--while in reality I have 512MB. Then it progresses through a few screens to where the desktop should appear, but instead reboots itself, over and over.
Does this sound more like hardware failure than a virus?
posted by dhoyt at 7:31 PM on August 21, 2004
Does this sound more like hardware failure than a virus?
posted by dhoyt at 7:31 PM on August 21, 2004
I probably shouldn't ask, but I have a compeeling desire to know: what was the link?
[For those of you playing along at home, if the link should appear, do not click it. I, however, am entirely comfortable doing so as I'm using my ex-wifes computer and have better than a decade of expierience destroying hardware that doesn't belong to me.]
posted by cedar at 7:42 PM on August 21, 2004
[For those of you playing along at home, if the link should appear, do not click it. I, however, am entirely comfortable doing so as I'm using my ex-wifes computer and have better than a decade of expierience destroying hardware that doesn't belong to me.]
posted by cedar at 7:42 PM on August 21, 2004
Response by poster: I don't know if I should do this, but here it is...
(NOTE: LINK MAY or MAY NOT BE TROUBLE)
https://www.linkedin.com/e/isd/5169544/tgdP5pLd/
If nothing else, maybe someone could be able to tell if this seems suspicioust or not? Unfortunately, the computer in question belongs to my sister who has reams of important info on the harddrive. I'm feeling very very guilty if, in fact, I've inadvertantly caused harm to her machine.
Here is the exact text of the email:
-------------------------------------
Dhoyt,
I'm using LinkedIn to keep up with my professional contacts and help them with introductions. Since you are one of the people I recommend, I wanted to invite you to access my network on LinkedIn.
I initially joined LinkedIn when I was invited by Brett Lider, and I've already found many old colleagues. I've also located several relevant business people just two or three degrees away that I may want to contact someday. It's been pretty amazing to see the number and quality of people you can reach through just a few trusted contacts. And my LinkedIn network is growing daily by literally thousands of professionals. I definitely recommend you check it out.
Basic membership is free, and it takes less than a minute to sign up and join my network.
- Nathan
PS: Here is the link:
https://www.linkedin.com/e/isd/5169544/tgdP5pLd/
It is free to join and takes less than 60 seconds to sign up.
This is an exclusive invitation from Nathan Piazza to Darren Hoyt. For security reasons, please do not forward this invitation.
-------------------------------------
Nathan, by the way, is a real friend of mine, and the email came from his legit email address. I've tried calling him to see if he actually sent this (or if it is a self-propogating virus), but he seems to be out of town....
posted by dhoyt at 8:35 PM on August 21, 2004
(NOTE: LINK MAY or MAY NOT BE TROUBLE)
https://www.linkedin.com/e/isd/5169544/tgdP5pLd/
If nothing else, maybe someone could be able to tell if this seems suspicioust or not? Unfortunately, the computer in question belongs to my sister who has reams of important info on the harddrive. I'm feeling very very guilty if, in fact, I've inadvertantly caused harm to her machine.
Here is the exact text of the email:
-------------------------------------
Dhoyt,
I'm using LinkedIn to keep up with my professional contacts and help them with introductions. Since you are one of the people I recommend, I wanted to invite you to access my network on LinkedIn.
I initially joined LinkedIn when I was invited by Brett Lider, and I've already found many old colleagues. I've also located several relevant business people just two or three degrees away that I may want to contact someday. It's been pretty amazing to see the number and quality of people you can reach through just a few trusted contacts. And my LinkedIn network is growing daily by literally thousands of professionals. I definitely recommend you check it out.
Basic membership is free, and it takes less than a minute to sign up and join my network.
- Nathan
PS: Here is the link:
https://www.linkedin.com/e/isd/5169544/tgdP5pLd/
It is free to join and takes less than 60 seconds to sign up.
This is an exclusive invitation from Nathan Piazza to Darren Hoyt. For security reasons, please do not forward this invitation.
-------------------------------------
Nathan, by the way, is a real friend of mine, and the email came from his legit email address. I've tried calling him to see if he actually sent this (or if it is a self-propogating virus), but he seems to be out of town....
posted by dhoyt at 8:35 PM on August 21, 2004
Response by poster: By the way, I just googled "Brett Lider" and not only is he a real person with a site, he mentions my friend Nathan--so maybe the email was not a virus? Or maybe it was, but cleverly spoofed to look like something else?
posted by dhoyt at 8:42 PM on August 21, 2004
posted by dhoyt at 8:42 PM on August 21, 2004
I've gotten a LinkedIn invite from a RL friend, but haven't pursued it yet.
The letter's wording was different. I think my acquaintance probably wrote it himself. But I haven't performed any testing.
posted by mwhybark at 9:01 PM on August 21, 2004
The letter's wording was different. I think my acquaintance probably wrote it himself. But I haven't performed any testing.
posted by mwhybark at 9:01 PM on August 21, 2004
That invite looks exactly like the one I got from my friend except my friend made it look a more personalized than the boilerplate Linked In provides she added a [insert their generic marketing copy here] before the stuff you did above. The linked in email is plain text and pretty innocuous. Linked in is pretty interesting and I've been able to reconnect with friend/business contacts through people in my network and I've not really sunk a lot of time in it.
Brett and Nathan are both on Linked in. I'm 3 degrees from Brett, 4 from Nathan.
When your system restarts and only finds 32MB of 512MB sounds more hardware related than anything else. it could be a coincidence that the linked in invite link and your hardware problems happened at the same time.
posted by birdherder at 9:16 PM on August 21, 2004
Brett and Nathan are both on Linked in. I'm 3 degrees from Brett, 4 from Nathan.
When your system restarts and only finds 32MB of 512MB sounds more hardware related than anything else. it could be a coincidence that the linked in invite link and your hardware problems happened at the same time.
posted by birdherder at 9:16 PM on August 21, 2004
Well, I just went to the link and it all looks good to me. I think your case happens to be a coincidence, sorry...
The fact they even know your real name tells me that it's not just some virus/scam/spam site.
Here's info on linkedin.
posted by shepd at 9:31 PM on August 21, 2004
The fact they even know your real name tells me that it's not just some virus/scam/spam site.
Here's info on linkedin.
posted by shepd at 9:31 PM on August 21, 2004
Response by poster: It could be a coincidence that the linked in invite link and your hardware problems happened at the same time.
I think your case happens to be a coincidence, sorry...
Whew, your input makes me feel better ;) Thanks guys. Let's hope it was a coincidence. Definitely sucks about the computer, but I'm glad I didn't cause it via some hasty, inattentive clicking. I'll we'll somehow try and salvage the data for my sister if we can, though it still reboots every time just before reaching the desktop. The "32MB of RAM" thing is still mysterious, too.
Skallas: I use Firefox/Thunderbird religiously at home, but this was my sister's computer at her house and she uses IE.
posted by dhoyt at 10:00 PM on August 21, 2004
I think your case happens to be a coincidence, sorry...
Whew, your input makes me feel better ;) Thanks guys. Let's hope it was a coincidence. Definitely sucks about the computer, but I'm glad I didn't cause it via some hasty, inattentive clicking. I'll we'll somehow try and salvage the data for my sister if we can, though it still reboots every time just before reaching the desktop. The "32MB of RAM" thing is still mysterious, too.
Skallas: I use Firefox/Thunderbird religiously at home, but this was my sister's computer at her house and she uses IE.
posted by dhoyt at 10:00 PM on August 21, 2004
You probably ought to just ctrl+alt+del on that machine. I really don't think it's anything to do with linkedin -- it'll be something else entirely.
posted by reklaw at 7:44 AM on August 22, 2004
posted by reklaw at 7:44 AM on August 22, 2004
I'm on LinkedIn, haven't seen or heard of any experiences like that.
Then again, my browsing happens in Firefox/Win or, more likely, various browsers on Linux.
posted by gimonca at 8:31 AM on August 22, 2004
Then again, my browsing happens in Firefox/Win or, more likely, various browsers on Linux.
posted by gimonca at 8:31 AM on August 22, 2004
Did you try booting the affected box in Safe Mode?
posted by billsaysthis at 9:44 AM on August 22, 2004
posted by billsaysthis at 9:44 AM on August 22, 2004
Response by poster: I try hitting F6 right after bootup, but it won't take me into safe-mode...
posted by dhoyt at 10:16 AM on August 22, 2004
posted by dhoyt at 10:16 AM on August 22, 2004
This thread is closed to new comments.
Though I'm unfamiliar with LinkedIn's site, my first instinct would've been to try a USENET search of the site, along with a cursory check of various IP blocker lists. And maybe then, using high security settings and with ActiveX/Java/script disabled, I'd view the Google cache, while taking note of any attempts to redirect the browser. But that's mainly because of other suprises which wandered into my old ISP's address box.
posted by Smart Dalek at 4:12 PM on August 21, 2004