In the last few days, we have been looking at various aspects of a web spam campaign. We have found that, among other things, websites from various major universities have been impacted by this. We also found that GitHub and LinkedIn, which are both owned by Microsoft, have been impacted by this and they don’t seem to be doing a great job of catching that.
One aspect of this involves GitHub Apps. Here is one example of spam pages on there:
That, in turn, links to a page on LinkedIn Pulse:
You can see that was published a week ago and is still up.
What is going on with the account that was posted through is unclear. It is listed as a financial services company, but the rest of the description isn’t in line with that:
There is another account for what appears to be the same entity that seems more credible, as among other things, it lists them in the music industry
