AfterDawn: Tech news

LinkedIn: Browser plugin does not hack our service

Written by James Delahunty (Google+) @ 01 Apr 2014 18:03 User comments (1)

LinkedIn: Browser plugin does not hack our service LinkedIn has responded to reports about a browser plug-in that claimed to be able to hack e-mail addresses of any users.
The Sell Hack browser plug-in can be installed in Chrome, Safari or Firefox, and it adds a "Hack In" button to every LinkedIn profile that you visit. It claims that with just a click of this button, it can dump the e-mail address information associated with the profile.

Early reports suggested that the tool somehow compromises LinkedIn's system to dump the e-mail addresses. However, at closer look, the plug-in clearly does not work for every profile that you try, whereas it appears to work for profiles of well known individuals.

That led quickly to more skeptical-types assuming that the plug-in is using some other means to find information available elsewhere about a particular user.

According to LinkedIn's senior manager of corporate communications, Krista Canfield, no LinkedIn data has been compromised by the plug-in, and the e-mail addresses that are revealed are not done so through any breach, bug or vulnerability with the site.

LinkedIn warns users on the risks of the plug-in

On Monday, Canfield confirmed that the service had sent a cease and desist letter to address "several violations," and she warned against users installing the plugin.

"We advise LinkedIn members to protect themselves and to use caution before downloading any third-party extension or app," Canfield told Yahoo Tech, reports Alyssa Bereznak. "Often times, as with the SellHack case, extensions can upload your private LinkedIn information without your explicit consent."

That seems like reasonable advice for more than just this particular plug-in.

Sell Hack defends itself

The individuals behind Sell Hack describe themselves as "dads from the midwest", and object to being described as sneaky, nefarious, no good, or not "legitimate". They confirmed the cease and desist letter sent from LinkedIn, and that Sell Hack no longer works with LinkedIn.

"We only processed publicly visible data from LinkedIn based on your profile permissions...all of which has been deleted."

At the same time, it has been a mixed bag for them as they have had more signups today than the first 60 days of availability combined, and that they are working on a better product that complies with LinkedIn's terms of service.


Sources & Recommended Material:
Original report from Yahoo Tech: https://www.yahoo.com/tech/...
Response from Sell Hack: http://blog.sellhack.com/
Analysis by security analyst Graham Cluley: http://grahamcluley.com/2014/04/sellhack-linkedin/

Tags: LinkedIn
Previous Next  

1 user comment

12.4.2014 21:15

I HATE Linkedin!

It benefits recruiters only. They build a massive list of prospective job hunters off this crappy site.

I wish Linkedin died forever and was shutdown. I promise nobody would miss it!

Comments have been disabled for this article.

Latest news

A bug in Chrome allows you to download Netflix movies A bug in Chrome allows you to download Netflix movies (25 Jun 2016 15:21)
A group of security researchers have found a vulnerability in Google's Chrome browser that allows downloading movies straight from Netflix. This is obviously not a feature especially the entertainment ....
2 user comments
Three out of four Netflix customers would rather cancel than watch ads Three out of four Netflix customers would rather cancel than watch ads (25 Jun 2016 14:05)
For a long time Netflix was adamant on its pricing. No changes were made for a long time and everything seemed to be good. The markets obviously reacted and more expensive deals and original ....
3 user comments
Apple Music left in the dust, Spotify at 100 million subscribers Apple Music left in the dust, Spotify at 100 million subscribers (25 Jun 2016 12:01)
Spotify has told The Telegraph that it has surpassed the 100 million mark in subscribers. Paying subscribers was earlier this year reported to have passed 30 million. Apple meanwhile is having ....
2 user comments
Rumor has it that Apple has cancelled iPhone's dual camera Rumor has it that Apple has cancelled iPhone's dual camera (18 Jun 2016 18:05)
The next iPhone will be a major upgrade to current iPhone 6s. This biyearly full upgrade cycle provides us with a bigger upgrade every two years. But how will Apple update its number one product, ....
6 user comments
OnePlus releases new flagship killer, smaller X discontinued OnePlus releases new "flagship killer", smaller X discontinued (18 Jun 2016 16:11)
The small Chinese smartphone maker OnePlus took the world by storm two years ago by releasing a super cheap flagship smartphone. They called it the flagship killer, and it indeed challenged ....
4 user comments

News archive